Compare commits

609 Commits

Author SHA1 Message Date
Carlos Bordon
e60187803c Merge pull request #1366 from wazuh/1363-rollback-image-version
Rollback image version rc2
2024-05-29 12:30:57 -03:00
vcerenu
842180baa6 rollback image version 2024-05-29 12:22:43 -03:00
Carlos Bordon
f0488805a4 Merge pull request #1365 from wazuh/1363-commit-image-version
Commit image version rc2
2024-05-29 12:15:40 -03:00
vcerenu
ac6d9e576c commit image version 2024-05-29 12:02:50 -03:00
Carlos Bordon
2b44780605 Merge pull request #1364 from wazuh/1363-bump-revision
Bump revision rc2
2024-05-29 11:55:12 -03:00
vcerenu
c6b38e3de9 bump revision 2024-05-29 11:39:04 -03:00
Carlos Bordon
bac9daa337 Merge pull request #1354 from wazuh/1348-revert-tag
Revert docker image tag
2024-05-22 14:40:41 -03:00
Gonzalo Acuña
2c39ce5303 Revert docker image tag 2024-05-22 14:31:10 -03:00
Carlos Bordon
9487dd592e Merge pull request #1353 from wazuh/1348-change-tag
Change docker image tag
2024-05-22 14:19:29 -03:00
Gonzalo Acuña
a55eb7f14a Change docker image tag 2024-05-22 14:15:51 -03:00
Carlos Bordon
b0d14dca28 Merge pull request #1352 from wazuh/1348-bump-revision
Bump revision
2024-05-22 14:05:38 -03:00
Gonzalo Acuña
f96b340074 Bump revision 2024-05-22 13:57:22 -03:00
Gonzalo Acuña
2b25f362fd Merge pull request #1351 from wazuh/1348-rollback-image-version
Rollback rc1 image version
2024-05-22 12:05:17 -03:00
vcerenu
2e18b6a873 Rollback image version 2024-05-22 11:55:43 -03:00
Gonzalo Acuña
2bd7c0d6f1 Merge pull request #1350 from wazuh/1348-commit-image-version
Commit rc1 image version
2024-05-22 11:50:36 -03:00
vcerenu
ec69c20413 commit image version 2024-05-22 11:44:13 -03:00
Gonzalo Acuña
7df0ee2a22 Merge pull request #1345 from wazuh/bump-4.7.5-version
Bump 4.7.5 version
2024-05-15 07:27:47 -03:00
vcerenu
db89d2154f bump 4.7.5 version 2024-05-15 07:04:04 -03:00
David Correa Rodríguez
ec76ea8d92 Merge pull request #1318 from wazuh/rollback-image-version 2024-04-25 10:32:50 +02:00
vcerenu
ce0a855c3d rollback image name 2024-04-25 05:25:17 -03:00
David Correa Rodríguez
d10af3b669 Merge pull request #1317 from wazuh/change-image-rc2 2024-04-25 10:19:01 +02:00
vcerenu
b7609311dc change image version 2024-04-25 05:12:59 -03:00
Victor Ereñú
81c42d02b1 Merge pull request #1316 from wazuh/bump-revision-474
Bump revision 40717
2024-04-25 05:09:32 -03:00
vcerenu
ee3159b225 bump revision 2024-04-25 04:58:29 -03:00
David Correa Rodríguez
3bed3a3a31 Merge pull request #1311 from wazuh/revert-tag-4.7.4-rc1
Reverted tag for 4.7.4 RC1
2024-04-23 09:51:10 +02:00
David Correa Rodríguez
9109104af2 Reverted tag for 4.7.4 RC1 2024-04-23 09:46:03 +02:00
David Correa Rodríguez
2efc6c56fa Merge pull request #1310 from wazuh/change-tag-4.7.4-rc1
Updated tag for 4.7.4 RC1
2024-04-23 09:41:01 +02:00
David Correa Rodríguez
daf1e837a1 Updated tag for 4.7.4 RC1 2024-04-23 09:32:02 +02:00
David Correa Rodríguez
9881957f86 Merge pull request #1309 from wazuh/bump-revision-40716
Bumped revision to 40716
2024-04-23 09:24:55 +02:00
David Correa Rodríguez
8c874235bf Bumped revision to 40716 2024-04-23 09:20:23 +02:00
Gonzalo Acuña
d2181f78cd Merge pull request #1300 from wazuh/bump-version-4.7.4
Bumped version to 4.7.4
2024-04-18 10:24:02 -03:00
David Correa Rodríguez
d904595787 Bumped version to 4.7.4 2024-04-18 15:16:32 +02:00
David Correa Rodríguez
c88172dc56 Merge pull request #1233 from wazuh/bump-revision-40713
Bump revision to 40713
2024-02-29 11:09:37 +01:00
David Correa Rodríguez
3f8444a71e Bump revision to 40713 2024-02-29 10:47:34 +01:00
Gonzalo Acuña
7f09331a95 Merge pull request #1213 from wazuh/bump-revision
Bump 4.7.3 version
2024-02-19 10:48:34 -03:00
vcerenu
5a5fbdd62c bump 4.7.3 version 2024-02-19 06:02:47 -03:00
Victor Ereñú
8814200fb2 Merge pull request #1165 from wazuh/bump-revision
Bump revision
2023-12-22 18:59:26 +10:00
vcerenu
69d61278cf bump revision 2023-12-22 05:46:46 -03:00
Gonzalo Acuña
ca8cf4f717 Merge pull request #1159 from wazuh/merge-4.7.1-into-4.7.2
Merge 4.7.1 into 4.7.2
2023-12-20 14:13:11 -03:00
David Correa Rodríguez
2c92c87b02 Merge branch '4.7.1' into merge-4.7.1-into-4.7.2 2023-12-20 17:38:00 +01:00
Gonzalo Acuña
402c5d6fea Merge pull request #1153 from wazuh/Bump-4.7.1-RC3
Bump 4.7.1 to RC3 revision
2023-12-15 14:05:33 -03:00
c-bordon
81738baf88 Bump 4.7.1 to RC3 revision 2023-12-15 13:45:19 -03:00
Gonzalo Acuña
4210c23a4c Merge pull request #1146 from wazuh/mantainence/Bump-Revision-for4.7.1-rc2
Bumped revision for 4.7.1 rc2
2023-12-07 15:27:22 -03:00
c-bordon
ddf1d781eb Bumped revision for 4.7.1 rc2 2023-12-07 15:25:50 -03:00
Victor Ereñú
3d58ff0049 Merge pull request #1141 from wazuh/bump-revision
Support new Wazuh version 4.7.2 in wazuh-docker repository
2023-11-30 19:21:17 +10:00
vcerenu
d44b87800a bump revision number 2023-11-30 06:11:07 -03:00
Gonzalo Acuña
375d94d22f Merge pull request #1135 from wazuh/bump_revision_number
bump revision number
2023-11-27 09:47:36 -03:00
vcerenu
eb6eae692c bump revision number 2023-11-27 09:01:25 -03:00
Carlos Bordon
16681104b4 Merge pull request #1131 from wazuh/merge-4.7.0-into-4.7.1
Merge 4.7.0 into 4.7.1
2023-11-24 08:40:32 -03:00
David Correa Rodríguez
794e9a27f4 Merge branch '4.7.0' into merge-4.7.0-into-4.7.1 2023-11-24 10:21:33 +01:00
Victor Ereñú
dcf48426c1 Merge pull request #1129 from wazuh/chenge_revision_number
Change revision number
2023-11-23 07:58:19 -03:00
vcerenu
f8eb0b5f1d change revision number 2023-11-23 07:47:39 -03:00
Gonzalo Acuña
139f7a52f6 Merge pull request #1124 from wazuh/1119-update-filebeat-module-download-url
Update Filebeat module download URL
2023-11-22 09:38:08 -03:00
Gonzalo Acuña
2df37520a7 Merge pull request #1125 from wazuh/change/492-remove-report-dependencies
Removed report dependencies from Wazuh dashboard image
2023-11-22 09:00:13 -03:00
c-bordon
423fc248ef Removed report dependencies from Wazuh dashboard image 2023-11-21 15:05:17 -03:00
vcerenu
12d45d83ad add dheck for filebeat repository 2023-11-21 10:24:37 -03:00
vcerenu
f7f90941ed add dheck for filebeat repository 2023-11-21 09:52:52 -03:00
Carlos Bordon
6c50089d53 Merge pull request #1117 from wazuh/change/1116-update-filebeat-module-to-03-version
Updated Filebeat module version to 0.3
2023-11-14 15:11:57 -03:00
c-bordon
56ccf81185 Fixed wrong file 2023-11-14 14:29:46 -03:00
c-bordon
20a3f170d8 Updated Filebeat module version to 0.3 2023-11-14 14:28:35 -03:00
Carlos Bordon
25e4c24c87 Merge pull request #1105 from wazuh/change_revision
Support new stage RC 1 for 4.7.0 in wazuh-docker repository
2023-11-13 09:40:15 -03:00
vcerenu
2ccd5dc431 change revision number 2023-11-13 09:33:37 -03:00
David Jose Iglesias Lopez
504e1f2017 Merge pull request #1091 from wazuh/enhancement/337-change-repo-name
Update links to wazuh-kibana-app repo
2023-11-02 16:30:51 +01:00
Victor Ereñú
15413250e8 Merge pull request #1095 from wazuh/1094-support-new-stage-alpha-2
Bump revision number
2023-11-02 12:22:30 -03:00
vcerenu
fa956c53e7 bump revision number 2023-11-02 12:07:17 -03:00
rafabailon
d352019385 Rename Kibana as Dashboard 2023-10-31 10:09:45 +01:00
Gonzalo Acuña
27962e38f1 Merge pull request #1086 from wazuh/maintenance/1332-update-wazuh-kibana-app-references
Updated wazuh-kibana-app reference
2023-10-25 12:40:14 -03:00
David Correa Rodríguez
f1140fc088 Updated wazuh-kibana-app references 2023-10-25 15:56:11 +02:00
Gonzalo Acuña
0ecf533cdc Merge pull request #1085 from wazuh/1079-make-directories-for-docker-composeyml
Make directories for docker-compose.yml
2023-10-25 09:47:02 -03:00
vcerenu
cda712949a add mounted directories into dockerfile 2023-10-25 09:20:33 -03:00
vcerenu
4a95d18b9a add mounted directories into dockerfile 2023-10-25 06:29:09 -03:00
David Correa Rodríguez
bfae09af52 Merge pull request #1081 from wazuh/merge-4.7.0-into-4.7.1
Merge 4.7.0 into 4.7.1
2023-10-24 09:53:02 +02:00
David Correa Rodríguez
1c0b12deaa Merge branch '4.7.0' into merge-4.7.0-into-4.7.1 2023-10-24 09:48:38 +02:00
David Correa Rodríguez
92b3395abc Merge pull request #1080 from wazuh/merge-4.6.0-into-4.7.0
Merge 4.6.0 into 4.7.0
2023-10-24 09:47:17 +02:00
David Correa Rodríguez
b1d10f879c Merge branch '4.6.0' into merge-4.6.0-into-4.7.0 2023-10-24 09:42:48 +02:00
David Correa Rodríguez
98e96a5260 Merge pull request #1077 from wazuh/merge-4.5.4-into-4.6.0
Merge 4.5.4 into 4.6.0
2023-10-24 09:40:50 +02:00
David Correa Rodríguez
84e57b9c9a Merge branch '4.5.4' into merge-4.5.4-into-4.6.0 2023-10-24 09:25:31 +02:00
Victor Ereñú
e13cfcf454 Merge pull request #1073 from wazuh/bump-revision-4.6.0
Bump revision 40603
2023-10-23 12:33:32 -03:00
vcerenu
e48255641f bump revision 2023-10-23 12:21:49 -03:00
Victor Ereñú
c4d6a254cc Merge pull request #1067 from wazuh/merge-4.7.0-into-4.7.1
Merge 4.7.0 into 4.7.1
2023-10-23 05:37:06 -03:00
vcerenu
d45e2d984e resolving conflicts 2023-10-23 05:27:21 -03:00
vcerenu
781e6a4082 resolving conflicts 2023-10-23 05:25:42 -03:00
Victor Ereñú
0c7d298eea Merge pull request #1066 from wazuh/merge-4.6.0-into-4.7.0
Merge 4.6.0 into 4.7.0
2023-10-23 05:21:47 -03:00
Victor Ereñú
05ef9b899b Merge pull request #1065 from wazuh/merge-4.5.4-into-4.6.0
Bump 4.5.4 version
2023-10-23 05:14:00 -03:00
vcerenu
c46b1c0d82 resolving conflicts 2023-10-23 05:02:02 -03:00
David Correa Rodríguez
3a3218f0d4 Merge pull request #1061 from wazuh/bump-revision-40510
Bump revision to 40510
2023-10-19 12:00:04 +02:00
David Correa Rodríguez
dd86d1b707 Bump revision to 40510 2023-10-19 11:46:24 +02:00
Gonzalo Acuña
60563720f3 Merge pull request #1059 from wazuh/bug/1054-remove-filebeat-template-value
Removed value of Filebeat template variable
2023-10-17 11:05:17 -03:00
David Correa Rodríguez
0cd98767c8 Removed value of Filebeat template variable 2023-10-17 15:23:37 +02:00
Gonzalo Acuña
8aad8651d7 Merge pull request #1058 from wazuh/bump-version-4.5.4
Bump 4.5.4 version
2023-10-17 09:03:27 -03:00
vcerenu
3c073ab5ea bump 4.5.4 version 2023-10-17 09:01:18 -03:00
Gonzalo Acuña
b8ff013b36 Merge pull request #1056 from wazuh/bug/1054-the-images-build-fails-due-to-filebeat-template-branch
Fixed Filebeat template bug in image generation
2023-10-17 08:33:09 -03:00
vcerenu
5106715b0c bump 4.5.4 version 2023-10-17 05:55:15 -03:00
David Correa Rodríguez
523a28b20d Fixed Filebeat template bug in image generation 2023-10-16 16:09:05 +02:00
David Correa Rodríguez
0f1cc4b955 Merge pull request #1053 from wazuh/bump-revision-40701
Bump revision to 40701
2023-10-13 11:42:21 +02:00
David Correa Rodríguez
aee83a1a2d Bump revision to 40701 2023-10-13 10:25:38 +02:00
Victor Ereñú
aa88dad36a Merge pull request #1038 from wazuh/merge-4.7.0-into-4.7.1
Merge 4.7.0 into 4.7.1
2023-10-09 06:37:00 -03:00
vcerenu
a424c683ae bump new builder script 2023-10-09 06:34:35 -03:00
Victor Ereñú
0555e4956b Merge pull request #1037 from wazuh/bump-4.7.0
Bump new builder script
2023-10-09 06:31:28 -03:00
vcerenu
dee2c3c8dc bump new builder script 2023-10-09 06:28:03 -03:00
Victor Ereñú
1e29e8fcfc Merge pull request #1035 from wazuh/merge-4.7.0-into-4.7.1
Merge 4.7.0 into 4.7.1
2023-10-09 06:04:29 -03:00
David Correa Rodríguez
25be906860 Merge branch '4.7.0' into merge-4.7.0-into-4.7.1 2023-10-09 10:50:11 +02:00
Victor Ereñú
c18a1eca56 Merge pull request #1034 from wazuh/merge-4.6.0-into-4.7.0
Merge 4.6.0 into 4.7.0
2023-10-09 05:33:57 -03:00
David Correa Rodríguez
14dcc8b6a6 Merge 4.6.0 into 4.7.0 2023-10-09 09:41:25 +02:00
Gonzalo Acuña
89e0fc9604 Merge pull request #1033 from wazuh/bump-revision-4.6.0
Bump revision to 40602
2023-10-06 09:15:14 -03:00
David Correa Rodríguez
64f083631d Bump revision to 40602 2023-10-06 14:11:05 +02:00
David Correa Rodríguez
fa2f2b2a31 Merge pull request #1031 from wazuh/merge-4.5.3-into-4.6.0
Merge 4.5.3 into 4.6.0
2023-10-06 10:48:10 +02:00
David Correa Rodríguez
8d1c239a3c Merge branch '4.5.3' into merge-4.5.3-into-4.6.0 2023-10-06 10:23:04 +02:00
Gonzalo Acuña
ded91b2f0a Merge pull request #1029 from wazuh/bump-4.5.3-revision
Bump 4.5.3 revision
2023-10-05 11:48:22 -03:00
Gonzalo Acuña
d7e051af19 Bump 4.5.3 revision 2023-10-05 11:44:40 -03:00
Gonzalo Acuña
b4db7f16cc Merge pull request #1026 from wazuh/bug/change-validation-order-for-wazuh-branch-to4.6.0
Changed validation order for wazuh branch
2023-10-04 15:42:36 -03:00
c-bordon
61bfe58491 Changed validation order for wazuh branch 2023-10-04 15:38:39 -03:00
Gonzalo Acuña
9d3701fa60 Merge pull request #1025 from wazuh/enhancement/1016-allow-branch-parameters-on-build-imagessh-to4.6.0
Updated build-images.sh script to support build parameters
2023-10-04 13:49:42 -03:00
c-bordon
c550c1a852 Added validation for version in master branch 2023-10-04 12:29:15 -03:00
c-bordon
1b41068618 Updated README file 2023-10-04 11:55:39 -03:00
c-bordon
8ac3ea1e8a Added final space 2023-10-04 11:44:00 -03:00
c-bordon
893796c4a2 Restore .env file 2023-10-04 11:41:22 -03:00
Gonzalo Acuña
d6a72c6fb1 Merge pull request #1024 from wazuh/bug/1017-warning-opensearchsecurityplugin-wazuh-indexer-has-insecure-file-permissions-should-be-0600-to4.6.0
Updated file permissions to have the same permissions as in package installation in Wazuh indexer
2023-10-04 11:22:44 -03:00
c-bordon
7172c818c7 Update order of variables 2023-10-04 11:16:04 -03:00
c-bordon
a2ee29bfd3 Updated file permissions to have the same permissions as in package installation in Wazuh indexer 2023-10-04 09:36:08 -03:00
c-bordon
e205c87d37 .env file updated 2023-10-04 08:35:45 -03:00
c-bordon
545ef6851b Fixed validation 2023-10-03 16:59:08 -03:00
c-bordon
36c06dc4c8 Added validation for dev branch 2023-10-03 16:54:43 -03:00
c-bordon
3fd3f42389 Added check for wazuh/wazuh branch 2023-10-03 16:43:30 -03:00
c-bordon
b22fa235c7 Updated build image script 2023-10-03 15:52:25 -03:00
c-bordon
c3c8ea3d02 Changing files permissions 2023-10-03 12:20:17 -03:00
c-bordon
905b4de859 Testing change permissions in entrypoint 2023-10-02 08:49:17 -03:00
c-bordon
23d34f6a89 Fixed OpenSearch security plugin warnings 2023-10-02 08:27:49 -03:00
c-bordon
8fa20abbbd Fixed sed command 2023-09-28 14:29:53 -03:00
c-bordon
d9b053caf4 Testing with another dir for opensearch security policy 2023-09-28 12:48:38 -03:00
c-bordon
d5dc67e9c3 Fixing Wazuh indexer files permissions 2023-09-28 10:37:08 -03:00
Gonzalo Acuña
93c53a712d Merge pull request #1021 from wazuh/change/1020-bump-revision-4.5.3-rc2
Bump revision to 40507
2023-09-28 08:24:43 -03:00
David Correa Rodríguez
5f3a0481ba Bump revision to 40507 2023-09-28 12:14:34 +02:00
Gonzalo Acuña
958e466682 Merge pull request #1013 from wazuh/bump-4.6.0-revision
Revision Bump
2023-09-22 14:49:59 -03:00
Gonzalo Acuña
7d5b1c4f85 Revision Bump 2023-09-22 14:37:02 -03:00
Gonzalo Acuña
a98e57bb6c Merge pull request #1010 from wazuh/merge-4.7.0-into-4.7.1
Merge 4.7.0 into 4.7.1
2023-09-22 07:32:20 -03:00
David Correa Rodríguez
b3441a6b07 Updated TEMPLATE_VERSION variable 2023-09-22 12:23:37 +02:00
David Correa Rodríguez
a3e2a2d88b Merge remote-tracking branch 'origin/4.7.0' into merge-4.7.0-into-4.7.1 2023-09-22 12:22:38 +02:00
Gonzalo Acuña
6407325761 Merge pull request #1009 from wazuh/merge-4.6.0-into-4.7.0
Merge 4.6.0 into 4.7.0
2023-09-22 07:09:17 -03:00
David Correa Rodríguez
7312f86235 Merge remote-tracking branch 'origin/4.6.0' into merge-4.6.0-into-4.7.0 2023-09-22 12:07:13 +02:00
Gonzalo Acuña
d6b73cb3dc Merge pull request #1008 from wazuh/merge-4.5.3-into-4.6.0
Merge 4.5.3 into 4.6.0
2023-09-22 06:36:48 -03:00
David Correa Rodríguez
62627e32fd Merge remote-tracking branch 'origin/4.5.3' into merge-4.5.3-into-4.6.0 2023-09-22 11:11:45 +02:00
Gonzalo Acuña
149df5e492 Merge pull request #973 from wazuh/17617-vdt-alas2023-support
Add Amazon Linux 2023 VDT default configuration
2023-09-21 11:03:11 -03:00
Gonzalo Acuña
a6c22d9618 Merge pull request #1003 from wazuh/bump-version-4.7.1
Bump version to 4.7.1
2023-09-20 08:14:05 -03:00
David Correa Rodríguez
d449ae7f76 Bump version to 4.7.1 2023-09-20 11:01:19 +02:00
Leonardo Quiceno
8cc5c8b0bb Add Amazon Linux 2023 VDT support 2023-09-18 12:55:54 -05:00
Gonzalo Acuña
536dd51aa7 Merge pull request #1000 from wazuh/18966-error-in-wazuh-docker-startup
Error in Wazuh Docker startup
2023-09-18 14:37:34 -03:00
Gonzalo Acuña
088b855f73 Merge pull request #997 from wazuh/990-persist-logo
Persist the custom logo in the Wazuh dashboard
2023-09-18 14:14:30 -03:00
vcerenu
5769159cf9 change RBAC database procedure 2023-09-18 12:05:29 -03:00
Gonzalo Acuña
41515e9c49 Merge pull request #998 from wazuh/258-shuffle-permanent-data
Check the permanent_data.env file and include any missing files
2023-09-15 14:44:27 -03:00
vcerenu
0fbbf5aee2 add shuffle scripts into permanent data 2023-09-15 13:31:00 -03:00
vcerenu
37f565bb8a add custom directory and persistence 2023-09-15 12:49:32 -03:00
vcerenu
2ac53b9b3d add custom directory and persistence 2023-09-15 12:41:05 -03:00
Gonzalo Acuña
d1c252c6c0 Merge pull request #996 from wazuh/979-remove-goss-from-manager-image
Remove goss install
2023-09-14 16:14:58 -03:00
vcerenu
e9f689dbfc remove goss directory 2023-09-14 15:17:13 -03:00
vcerenu
be19c70082 remove goss install 2023-09-14 12:25:57 -03:00
Gonzalo Acuña
0c6077c3e0 Merge pull request #992 from wazuh/984-build-imagessh-script-is-not-capable-of-using-repos-majorminorpatch-branches
Change wazuh template origin
2023-09-13 11:09:44 -03:00
vcerenu
de7754364d change wazuh template origin 2023-09-12 15:49:31 -03:00
Gonzalo Acuña
73ada94ed6 Merge pull request #988 from wazuh/987-add-support-to-define-the-default-value-of-extensionsgithub-and-extensionsoffice-in-the-wazuh-dashboard-docker-image
Add extensions into wazuh.yml
2023-09-08 14:13:00 -03:00
vcerenu
63817dfd55 add extensions for wazuh.yml 2023-09-07 12:15:25 -03:00
Gonzalo Acuña
17029c5510 Merge pull request #985 from wazuh/merge-4.6.0-into-4.7.0
Merge `4.6.0` into `4.7.0`
2023-09-07 10:43:35 -03:00
David Correa Rodríguez
2234517218 Merge branch '4.6.0' into merge-4.6.0-into-4.7.0 2023-09-07 14:41:11 +02:00
Gonzalo Acuña
637110c278 Merge pull request #983 from wazuh/merge-4.5.3-into-4.6.0
Merge `4.5.3` into `4.6.0`
2023-09-07 09:01:40 -03:00
David Correa Rodríguez
b18c068650 Added empty line to changelog 2023-09-07 13:58:32 +02:00
David Correa Rodríguez
9a871dbbcb Merge branch '4.5.3' into merge-4.5.3-into-4.6.0 2023-09-07 13:39:58 +02:00
Gonzalo Acuña
1fae0d3452 Merge pull request #982 from wazuh/merge-4.5.2-into-4.5.3
Merge `4.5.2` into `4.5.3`
2023-09-07 08:12:25 -03:00
David Correa Rodríguez
0a4c057492 Merge branch '4.5.2' into merge-4.5.2-into-4.5.3 2023-09-07 10:29:02 +02:00
David Jose Iglesias Lopez
2902a0ce0b Merge pull request #977 from wazuh/bump-revision-40505
Bump revision to 40505
2023-09-04 11:49:42 +02:00
David Correa Rodríguez
c0fb4172f3 Bump revision to 40505 2023-09-04 11:11:37 +02:00
Gonzalo Acuña
8886e2347e Merge pull request #968 from wazuh/951-fix-wazuh-dashboard-modules-persist
Fixed Wazuh dashboard modules persistency
2023-08-30 15:06:24 -03:00
Gonzalo Acuña
f1d8565989 Merge pull request #971 from wazuh/bump-4.5.3
Bump to `4.5.3`
2023-08-29 08:28:50 -03:00
David Correa Rodríguez
e5abd5d24e Bump to 4.5.3 2023-08-29 11:29:26 +02:00
David Correa Rodríguez
902b0d8e52 Fixed Wazuh dashboard modules persistency 2023-08-28 13:11:25 +02:00
Gonzalo Acuña
b377a0f6eb Merge pull request #966 from wazuh/18542-vdt-bookworm-support
Add Debian Bookworm to VDT default configuration
2023-08-25 13:17:17 -03:00
Mateo Cervilla
44e9bebed0 Add Debian Bookworm VDT support 2023-08-25 12:24:01 -03:00
Gonzalo Acuña
2de4a28098 Merge pull request #962 from wazuh/merge-4.6.0-into-4.7.0
Merge 4.6.0 into 4.7.0
2023-08-24 13:14:32 -03:00
Gonzalo Acuña
760fc8ccbf Merge pull request #961 from wazuh/merge-4.5.2-into-4.6.0
Merge 4.5.2 into 4.6.0
2023-08-24 13:10:01 -03:00
vcerenu
44303d3701 resolving conflicts 2023-08-24 12:45:02 -03:00
Gonzalo Acuña
c0d97893a4 Merge pull request #960 from wazuh/merge-4.5.1-into-4.5.2
Merge 4.5.1 into 4.5.2
2023-08-24 12:31:06 -03:00
vcerenu
0826f2c176 change revision 2023-08-24 12:23:15 -03:00
vcerenu
d531b8dd72 Resolving conflicts 2023-08-24 12:06:35 -03:00
Gonzalo Acuña
41267d4ddf Merge pull request #946 from wazuh/944-bump-revision-2
Revision update
2023-08-17 12:20:42 -03:00
Gonzalo Acuña
67f34fb8fe Revision update 2023-08-17 12:17:12 -03:00
Gonzalo Acuña
865f7625f4 Merge pull request #945 from wazuh/944-bump-revision
Revision update
2023-08-17 09:02:13 -03:00
Gonzalo Acuña
c56952eaa0 Revision update 2023-08-17 08:56:16 -03:00
Gonzalo Acuña
cb7d8785c6 Merge pull request #930 from wazuh/926-update-the-vulnerability-detector-default-configuration-block-with-missing-providers
Update the vulnerability detector default configuration block with missing providers
2023-08-14 15:19:54 -03:00
vcerenu
f1001c2f25 add jammy version into VD 2023-08-11 15:45:26 -03:00
Gonzalo Acuña
17ed766228 Merge pull request #937 from wazuh/merge-4.6.0-into-4.7.0
Merge `4.6.0` into `4.7.0`
2023-08-11 08:14:30 -03:00
David Correa Rodríguez
6c91bac96d Merge pull request #936 from wazuh/merge-4.5.2-into-4.6.0
Merge `4.5.2` into `4.6.0`
2023-08-11 12:39:39 +02:00
David Correa Rodríguez
216b5a6818 Merge pull request #935 from wazuh/merge-4.5.1-into-4.5.2
Merge `4.5.1` into `4.5.2`
2023-08-11 12:25:04 +02:00
David Correa Rodríguez
e19fa14013 Merge pull request #934 from wazuh/merge-4.5-into-4.5.1
Merge `4.5` into `4.5.1`
2023-08-11 11:58:49 +02:00
vcerenu
57c7eaa5af remove stretch and add rhel 9 into VD 2023-08-10 16:46:21 -03:00
vcerenu
fbe073612c add suse vd options 2023-08-10 09:19:59 -03:00
Gonzalo Acuña
1dec665a97 Merge pull request #925 from wazuh/10774-alma-support
Updating vulnerability detector default configuration with AlmaLinux support
2023-08-09 09:46:28 -03:00
pereyra-m
757e5dbf05 Updating ossec.conf file with the AlmaLinux support in the vulnerability detector section 2023-08-07 17:32:03 -03:00
Gonzalo Acuña
32b1d88e36 Merge pull request #919 from wazuh/917-fix-conditional-block-in-build-imagesh-script
Fixed conditional block in images building
2023-08-03 10:02:24 -03:00
David Correa Rodríguez
94be842afc Restored IMAGE_VERSION variable 2023-08-03 11:51:01 +02:00
David Correa Rodríguez
d20bbe247c Fixed conditional block in images building 2023-08-03 11:45:56 +02:00
Gonzalo Acuña
e01d39e138 Merge pull request #915 from wazuh/911-typos-in-the-script
Typos in the script in charge of create Wazuh indexer's certificates
2023-08-01 13:50:24 -03:00
vcerenu
1eeca6267b fix typos in cert generator image 2023-08-01 13:07:04 -03:00
Gonzalo Acuña
d755ffbac8 Merge pull request #914 from wazuh/6282-add-notes-about
Modify ulimit
2023-08-01 12:01:13 -03:00
vcerenu
221c3ccd24 add ulimit parameter to wazuh manager deploy 2023-07-31 13:19:13 -03:00
vcerenu
1ff589ccaf add ulimit parameter to wazuh manager deploy 2023-07-31 13:16:15 -03:00
Victor Ereñú
d4c98491fc Merge pull request #910 from wazuh/909-deprecate-update_from_year-to-use-nvd-api-20-feeds
Delete update_from_year parameter
2023-07-26 13:55:52 -03:00
vcerenu
673c28b637 delete update_from_year parameter 2023-07-26 13:40:54 -03:00
Gonzalo Acuña
7d3bea67f7 Merge pull request #899 from wazuh/merge-4.6.0-into-4.7.0
Merge `4.6.0` into `4.7.0`
2023-07-21 10:07:45 -03:00
Gonzalo Acuña
3953986652 Merge pull request #898 from wazuh/merge-4.5.2-into-4.6.0
Merge `4.5.2` into `4.6.0`
2023-07-21 08:27:24 -03:00
Gonzalo Acuña
f2dab81387 Merge branch '4.6.0' into merge-4.5.2-into-4.6.0 2023-07-21 08:15:57 -03:00
Gonzalo Acuña
da82008a75 Merge pull request #894 from wazuh/bump-4.5.2
Bump to 4.5.2
2023-07-19 08:55:24 -03:00
vcerenu
54975ab099 Bump to 4.5.2 2023-07-19 08:43:17 -03:00
Victor Ereñú
a9d505b316 Merge pull request #887 from wazuh/merge-4.6.0-into-master
Merge 4.6.0 into master
2023-07-11 12:20:01 -03:00
vcerenu
a0899a8358 resolving merge conflicts 2023-07-11 12:17:06 -03:00
Carlos Bordon
b27d991f0c Merge pull request #886 from wazuh/merge-4.5.1-into-4.6.0
Merge 4.5.1 into 4.6.0
2023-07-11 12:04:34 -03:00
vcerenu
4d0aa57ed2 resolving merge conflicts 2023-07-11 11:49:32 -03:00
Carlos Bordon
1a75d4eb77 Merge pull request #885 from wazuh/merge-4.5.0-into-4.5.1
Merge 4.5.0 into 4.5.1
2023-07-11 11:34:52 -03:00
vcerenu
247555b1b6 resolving merge conflicts 2023-07-11 11:21:00 -03:00
Carlos Bordon
442d457933 Merge pull request #884 from wazuh/merge-4.4-into-4.5.0
Merge 4.4 into 4.5.0
2023-07-11 10:42:52 -03:00
vcerenu
0f65448718 resolving merge conflicts 2023-07-11 09:41:16 -03:00
Victor Ereñú
a9533264d6 Merge pull request #883 from wazuh/merge-4.4.5-into-4.4
Merge 4.4.5 into 4.4
2023-07-11 09:26:12 -03:00
Carlos Bordon
ce8dd29425 Merge pull request #879 from wazuh/4.4.5-bump-revision
Bump revision
2023-07-10 09:00:24 -03:00
vcerenu
a433989865 bump revision 2023-07-10 08:42:14 -03:00
Gonzalo Acuña
ff1e5f991a Merge pull request #878 from wazuh/bump-4.4.5
Bump to 4.4.5
2023-07-07 08:48:54 -03:00
Gonzalo Acuña
55ee49aff5 Bumped to 4.4.5 2023-07-07 08:39:57 -03:00
Gonzalo Acuña
75f92308a1 Merge pull request #877 from wazuh/merge-4.4.4-into-4.4
Merge `4.4.4` into `4.4`
2023-07-07 08:32:11 -03:00
Victor Ereñú
61c37a78de Merge pull request #874 from wazuh/bump-4-5-1
Bump version 4.5.1
2023-06-26 14:07:42 -03:00
vcerenu
39208c513c bump version 4.5.1 2023-06-26 13:35:29 -03:00
vcerenu
3650feeb0e bump version 4.5.0 2023-06-26 09:40:14 -03:00
Victor Ereñú
f4f99f17b7 Merge pull request #872 from wazuh/bump-4-6
Bump 4.6 version
2023-06-23 12:36:30 -03:00
David Jose Iglesias Lopez
3c9b5ac717 Merge pull request #871 from wazuh/bump-4-7
Bump 4.7 version
2023-06-23 16:29:44 +02:00
vcerenu
8e3b8aada8 bump 4.6 version 2023-06-23 10:33:35 -03:00
vcerenu
6a98b87b8e bump 4.7 version 2023-06-22 17:26:55 -03:00
Gonzalo Acuña
56dbf052c9 Merge pull request #867 from wazuh/merge-4.5-into-master
Merge `4.5` into `master`
2023-06-14 16:36:31 -03:00
Gonzalo Acuña
7abaea9b4c Merge pull request #866 from wazuh/merge-4.4.5-into-4.5
Merge `4.4.5` into `4.5`
2023-06-14 15:48:43 -03:00
Gonzalo Acuña
303b64c7ae Merge branch '4.5' into merge-4.4.5-into-4.5 2023-06-14 15:16:14 -03:00
Gonzalo Acuña
2340db4079 Merge pull request #865 from wazuh/merge-4.4-into-4.4.5
Merge `4.4` into `4.4.5`
2023-06-14 14:50:59 -03:00
Gonzalo Acuña
9159eda943 Merge branch '4.4.5' into merge-4.4-into-4.4.5 2023-06-14 14:07:23 -03:00
Gonzalo Acuña
d278782134 Merge pull request #858 from wazuh/merge-4-4-4-to-4-4
Bump `4.4` to `4.4.4`
2023-06-13 15:58:51 -03:00
Gonzalo Acuña
77725b7eb2 Revision bump 2023-06-13 13:19:35 -03:00
Gonzalo Acuña
4e7c2cf72a Revision bump 2023-06-12 09:38:35 -03:00
Gonzalo Acuña
41196a5529 Bump to 4.4.5 2023-06-05 11:44:32 -03:00
Gonzalo Acuña
8ce1f36f10 Revision update 2023-06-05 11:42:10 -03:00
Gonzalo Acuña
e2e95a5c57 Bump to 4.4.4 2023-06-05 11:38:58 -03:00
Raul Del Pozo Moreno
1238820b6c Merge pull request #854 from wazuh/master-merge-4.5
Merge `4.5` into `master`
2023-05-29 18:09:23 +02:00
Raul Del Pozo Moreno
f168bd62fe Merge remote-tracking branch 'origin/4.5' into master-merge-4.5 2023-05-29 16:36:14 +02:00
Raul Del Pozo Moreno
2058734154 Merge pull request #853 from wazuh/4.5-merge-4.4
Merge `4.4` into `4.5`
2023-05-29 16:34:48 +02:00
Raul Del Pozo Moreno
4e34f1f7b7 Merge remote-tracking branch 'origin/4.4' into 4.5-merge-4.4 2023-05-26 18:51:03 +02:00
Raul Del Pozo Moreno
b259665fc6 Merge pull request #851 from wazuh/bump-4.4.3
Bump `4.4` to `4.4.3`
2023-05-26 14:13:58 +02:00
Raul Del Pozo Moreno
820079f1d0 Bump to 4.4.3 2023-05-25 20:03:26 +02:00
Gonzalo Acuña
efc8ab88df Merge pull request #848 from wazuh/merge-4.5-master
Merge 4.5 into master
2023-05-22 09:56:01 -03:00
Raul Del Pozo Moreno
f71616939e Merge remote-tracking branch 'origin/4.5' into merge-4.5-master 2023-05-18 22:43:04 +02:00
Raul Del Pozo Moreno
9a9fac6243 Merge pull request #847 from wazuh/merge-4.4-4.5
Merge `4.4` into `4.5`
2023-05-18 22:38:07 +02:00
Raul Del Pozo Moreno
11d15670f4 Merge remote-tracking branch 'origin/4.4' into merge-4.4-4.5 2023-05-18 22:27:31 +02:00
Raul Del Pozo Moreno
7427eff847 Added missing config 2023-05-18 22:14:26 +02:00
Jesse Roland
5abe95a0f1 Add DASHBOARD_USERNAME and DASHBOARD_PASSWORD environment variables to
the dashboard container.

Resolves https://github.com/wazuh/wazuh-docker/issues/823
2023-05-18 22:06:26 +02:00
vcerenu
fed4302744 change filename 2023-05-18 22:06:25 +02:00
vcerenu
750aa90b91 change cron schedule 2023-05-18 22:06:24 +02:00
vcerenu
aec90c2f3d change schedule 2023-05-18 22:06:24 +02:00
vcerenu
84a40b9eea fix wazuh manager test name 2023-05-18 22:06:23 +02:00
vcerenu
57c63bc60e add vuln scans 2023-05-18 22:06:22 +02:00
vcerenu
dd46f8a2c1 bump 4.6 version 2023-05-18 22:06:21 +02:00
vcerenu
76a38f68b5 bump 4.3 into master 2023-05-18 22:05:55 +02:00
vcerenu
4caf18f12c bump 4.3 into master 2023-05-18 22:05:38 +02:00
fcaffieri
ea11d66f42 Add fix to avoid GLIBC crash, fix identation 2023-05-18 22:05:14 +02:00
fcaffieri
02a75a7678 Add fix to avoid GLIBC crash 2023-05-18 22:05:13 +02:00
fcaffieri
7e0311e99a disable filebeat metrics 2023-05-18 22:05:12 +02:00
vcerenu
e939010507 bump release 4.5.0 2023-05-18 22:05:00 +02:00
vcerenu
b7bce45e82 bump release 4.5.0 2023-05-18 22:04:56 +02:00
vcerenu
697b7538cc bump release 4.5.0 2023-05-18 22:04:56 +02:00
vcerenu
2cbf64dafa change revision 2023-05-18 22:04:21 +02:00
vcerenu
638d548d74 bump 4.4.1 version 2023-05-18 22:04:21 +02:00
vcerenu
d6f19cebf5 disable cluster option 2023-05-18 22:04:20 +02:00
Gonzalo Acuña
944c6aa4c8 Revert "Bump 4.4 to 4.4.1" 2023-05-18 22:04:19 +02:00
vcerenu
5e3676e125 bump 4.4.1 version 2023-05-18 22:04:18 +02:00
vcerenu
fd9c09a7e5 change dashboard and indexer base repository 2023-05-18 22:03:47 +02:00
vcerenu
395b769b6a change revision number 2023-05-18 22:03:47 +02:00
vcerenu
ee46520701 update docs count 2023-05-18 22:03:46 +02:00
vcerenu
b838023509 modify base path 2023-05-18 22:03:45 +02:00
vcerenu
be9019a065 fix index alerts test 2023-05-18 22:03:42 +02:00
vcerenu
42193f4cfa fix index alerts test 2023-05-18 22:03:42 +02:00
vcerenu
6e7b1c2899 change indexer and manager configuration for 4.4 version 2023-05-18 22:03:41 +02:00
vcerenu
06a1efc094 add revision into versions parameter 2023-05-18 22:03:40 +02:00
vcerenu
e9764b0a6a add 4.4 version 2023-05-18 22:03:39 +02:00
vcerenu
6398b66e10 add 4.4 version 2023-05-18 22:03:38 +02:00
vcerenu
70938d52d2 add 4.4 version 2023-05-18 22:03:38 +02:00
fcaffieri
d5932ac4a1 Add fix to avoid GLIBC crash, fix identation 2023-05-18 22:03:27 +02:00
fcaffieri
4b621466a0 Add fix to avoid GLIBC crash 2023-05-18 22:03:25 +02:00
fcaffieri
e24d17f730 disable filebeat metrics 2023-05-18 22:03:24 +02:00
vcerenu
b33aea9ef8 fix whitelist 2023-05-18 22:03:14 +02:00
Alberto R
3525003ef7 Bumped to 4.4.0 2023-05-18 22:03:03 +02:00
Gonzalo Acuña
00a94ce5b0 Bump to 4.2.6 2023-05-18 22:02:33 +02:00
Raul Del Pozo Moreno
e826236a28 Added missing config 2023-05-18 21:30:38 +02:00
vcerenu
137989ddd1 bump 4.3 into master 2023-05-18 21:26:28 +02:00
vcerenu
0d76a85ded bump 4.3 into master 2023-05-18 21:26:08 +02:00
fcaffieri
e95455a12b Add fix to avoid GLIBC crash, fix identation 2023-05-18 21:25:37 +02:00
fcaffieri
887293d474 Add fix to avoid GLIBC crash 2023-05-18 21:25:36 +02:00
fcaffieri
ae20f302c0 disable filebeat metrics 2023-05-18 21:25:36 +02:00
vcerenu
08314f9e2e bump release 4.5.0 2023-05-18 21:25:07 +02:00
vcerenu
c6f1f31d57 bump release 4.5.0 2023-05-18 21:25:00 +02:00
vcerenu
312466704d bump release 4.5.0 2023-05-18 21:25:00 +02:00
Gonzalo Acuña
d00fc0ccf6 Revision update 2023-05-18 21:24:16 +02:00
vcerenu
42ea26b3bd bump 4.4.2 version 2023-05-18 21:24:15 +02:00
Jesse Roland
fe75f8fb4e Add DASHBOARD_USERNAME and DASHBOARD_PASSWORD environment variables to
the dashboard container.

Resolves https://github.com/wazuh/wazuh-docker/issues/823
2023-05-18 21:23:36 +02:00
vcerenu
8b1ed497ab change revision number 2023-05-18 21:23:35 +02:00
vcerenu
195b34c259 bump 4.3.11 version 2023-05-18 21:23:34 +02:00
vcerenu
08c9b95455 change revision 2023-05-18 21:22:46 +02:00
Gonzalo Acuña
028b5f6034 Revision update 2023-05-18 21:05:42 +02:00
vcerenu
cd7dc4c7cf bump 4.4.2 version 2023-05-18 21:05:41 +02:00
Jesse Roland
40faad148d Add DASHBOARD_USERNAME and DASHBOARD_PASSWORD environment variables to
the dashboard container.

Resolves https://github.com/wazuh/wazuh-docker/issues/823
2023-05-18 21:04:33 +02:00
vcerenu
02aaf45e9d change revision number 2023-05-18 21:04:32 +02:00
vcerenu
cd9f211eb3 bump 4.3.11 version 2023-05-18 21:04:31 +02:00
vcerenu
20c8000fec change revision 2023-05-18 21:02:52 +02:00
Gonzalo Acuña
095d878b04 Merge pull request #825 from wazuh/bump-4-3-11
Bump 4.3 to 4.3.11
2023-04-24 10:56:52 -03:00
vcerenu
53903126cf change revision number 2023-04-24 09:17:02 -03:00
vcerenu
63ceab20b0 bump 4.3.11 version 2023-04-19 16:59:53 -03:00
vcerenu
8ada4445b0 bump 4.4.1 version 2023-04-10 10:20:48 -03:00
Gonzalo Acuña
1c69a38bd8 Merge pull request #813 from wazuh/807-docker-update-from-4310-to-440
Disable cluster option
2023-04-05 14:52:28 -03:00
vcerenu
615d6df29c disable cluster option 2023-04-05 13:55:24 -03:00
Gonzalo Acuña
949a465855 Merge pull request #811 from wazuh/revert-799-bump-4-4-1
Revert "Bump `4.4` to `4.4.1`"
2023-04-05 13:49:23 -03:00
Gonzalo Acuña
f7bbac5a08 Revert "Bump 4.4 to 4.4.1" 2023-04-05 13:46:20 -03:00
Gonzalo Acuña
11820b01e9 Merge pull request #799 from wazuh/bump-4-4-1
Bump `4.4` to `4.4.1`
2023-03-31 11:02:25 -03:00
vcerenu
a8de452002 bump 4.4.1 version 2023-03-31 10:27:58 -03:00
Victor Ereñú
c76681b3b9 Merge pull request #794 from wazuh/modify-base-dashboard
Change dashboard and indexer base repository
2023-03-28 17:09:15 -03:00
vcerenu
e25635cb25 change dashboard and indexer base repository 2023-03-28 16:59:49 -03:00
Gonzalo Acuña
304eedcb51 Merge pull request #793 from wazuh/bump_4-4
Change revision number
2023-03-28 10:03:41 -03:00
vcerenu
6123ab994c change revision number 2023-03-28 09:07:24 -03:00
Gonzalo Acuña
2f58da59de Merge pull request #776 from wazuh/change_password
Update indexer password
2023-02-01 10:59:11 -03:00
vcerenu
3279931813 update docs count 2023-02-01 10:33:26 -03:00
vcerenu
b039567e1c update indexer password 2023-02-01 10:02:35 -03:00
Gonzalo Acuña
3190c4246e Merge pull request #766 from wazuh/765-change-wazuh-dashboard-and-indexer-base-path
Modify base path
2022-12-27 08:11:21 -03:00
vcerenu
271f421cd4 modify base path 2022-12-26 11:12:16 -03:00
Gonzalo Acuña
5fb369f9e8 Merge pull request #764 from wazuh/756-indexer-password
Indexer password updated in README.md
2022-12-19 16:03:14 -03:00
Gonzalo Acuña
6ddaecd7b5 Indexer password updated in README.md 2022-12-19 14:59:35 -03:00
Alberto Rodríguez
910e28956b Merge pull request #760 from wazuh/merge-4.4
Version check fix
2022-12-02 17:19:02 +01:00
vcerenu
dcf8bb8060 fix index alerts test 2022-12-02 12:42:01 -03:00
vcerenu
be9f3d1b90 fix index alerts test 2022-12-02 11:36:35 -03:00
vcerenu
91625f412c change indexer and manager configuration for 4.4 version 2022-12-01 19:35:35 -03:00
vcerenu
4c7dcb2ebf add revision into versions parameter 2022-12-01 13:32:43 -03:00
vcerenu
8febf33d58 add 4.4 version 2022-12-01 13:02:13 -03:00
Alberto Rodríguez
3d19774d7e Merge pull request #758 from wazuh/merge-4.4
Merge 4.3 in 4.4 branch
2022-12-01 16:23:05 +01:00
vcerenu
e11e7a10b8 add 4.4 version 2022-12-01 11:58:21 -03:00
vcerenu
7f73635651 add 4.4 version 2022-11-30 15:35:16 -03:00
vcerenu
e9a0be25ce resolving conflicts in 4.3 merge 2022-11-30 15:27:48 -03:00
Alberto Rodríguez
c87580cfb5 Merge pull request #754 from wazuh/753-opensearch_java_opts-duplicate-parameters
Remove Xms and Xmx parameter into jvm.options
2022-11-29 15:45:36 +01:00
Alberto Rodríguez
e0cd80c105 Update build-docker-images/wazuh-indexer/config/config.sh 2022-11-29 15:44:36 +01:00
vcerenu
796751aec9 remove Xms and Xmx parameter into jvm.options 2022-11-28 17:24:13 -03:00
Alberto Rodríguez
15205ada03 Merge pull request #742 from wazuh/bump-4-3-10
Bump 4.3 to 4.3.10
2022-11-11 16:20:58 +01:00
vcerenu
c1bfc450ba bump 4.3.10 version 2022-11-11 11:34:09 -03:00
Gonzalo Acuña
b08fd3e384 Merge pull request #726 from wazuh/bump-4-3-9
Bump 4.3 to 4.3.9
2022-10-11 09:47:12 -03:00
vcerenu
fd08279f32 bump 4.3.9 version 2022-10-06 14:25:56 -03:00
Gonzalo Acuña
f42b30b71d Merge pull request #720 from wazuh/bump-4-3-8
Bump 4.3 to 4.3.8
2022-09-14 12:15:09 -03:00
vcerenu
7555453d55 bump 4.3.8 version 2022-09-14 10:39:31 -03:00
vcerenu
22b77749fa bump 4.3.8 version 2022-09-12 15:37:47 -03:00
José Fernández Aguilera
6c094d07a6 Merge pull request #719 from wazuh/4.4-add-double-quote
Add Double Quote on password
2022-09-12 17:04:35 +02:00
vcerenu
b6959c8b15 doble quote for password 2022-09-09 15:29:07 -03:00
José Fernández Aguilera
28e21b0282 Merge pull request #717 from wazuh/714-modify-password
Add Double Quote on password
2022-09-09 08:52:18 +02:00
vcerenu
b83dcc087e doble quote for password 2022-09-08 12:17:45 -03:00
vcerenu
19c23456ec readme 2022-08-24 11:45:55 -03:00
José Fernández Aguilera
f99721e98b Merge pull request #708 from wazuh/bump-4-3-7
Bump 4.3 to 4.3.7
2022-08-17 08:23:32 +02:00
vcerenu
38271d7797 bump 4.3.7 version 2022-08-12 12:44:20 -03:00
vcerenu
c278f6a503 bump 4.3.7 version 2022-08-12 12:02:04 -03:00
vcerenu
d6ba8c3661 Merge pull request #707 from wazuh/695-change-indexer-username
Filebeat parameters
2022-08-12 10:39:19 -03:00
vcerenu
1db718ffc8 fix replace filebeat parameters 2022-08-10 16:15:17 -03:00
vcerenu
cf137c6703 Merge pull request #706 from wazuh/MigrationTo43-WazuhManagerNew
Fix permissions/ownership issue for Wazuh manager migration (4.2 -> 4.3)
2022-08-09 11:41:16 -03:00
Elwali karkoub
6f966cb01a Update 0-wazuh-init 2022-08-09 07:42:12 +02:00
José Fernández Aguilera
8bc11c48d9 Merge pull request #698 from wazuh/change-readme
Update Readme
2022-07-27 12:39:00 +02:00
vcerenu
be1bc64e0f update api and dashboard user 2022-07-26 09:27:01 -03:00
José Fernández Aguilera
80e8057f79 Merge pull request #694 from wazuh/bump-4-3-6
Bump 4.3 to 4.3.6
2022-07-19 12:49:07 +02:00
vcerenu
296de14886 bump 4.3.6 version 2022-07-18 10:25:01 -03:00
José Fernández Aguilera
0245a7e0d8 Merge pull request #692 from wazuh/fix-key-generator
Fix certificate generator
2022-07-08 09:06:54 +02:00
vcerenu
a9ea60b951 fix uid and gid for wazuh manager keys 2022-07-07 11:40:15 -03:00
José Fernández Aguilera
b98d32d4ca Merge pull request #691 from wazuh/1665-Fix-filebeat-crash-due-to-glibc-to4.4
Add fix to avoid GLIBC crash
2022-07-07 09:00:19 +02:00
José Fernández Aguilera
23cb7417bc Merge pull request #689 from wazuh/1665-Fix-filebeat-crash-due-to-glibc-to4.3
Add fix to avoid GLIBC crash
2022-07-07 08:59:47 +02:00
fcaffieri
4c710e6c20 Add fix to avoid GLIBC crash, fix identation 2022-07-06 18:01:53 -03:00
fcaffieri
adf95cd132 Add fix to avoid GLIBC crash, fix identation 2022-07-06 18:01:13 -03:00
fcaffieri
f97a719304 Add fix to avoid GLIBC crash 2022-07-06 17:35:20 -03:00
fcaffieri
b6aa782730 Add fix to avoid GLIBC crash 2022-07-06 17:34:56 -03:00
José Fernández Aguilera
bf534b4143 Merge pull request #687 from wazuh/1667-disable-filebeat-metrics-to4.4
Disable filebeat metrics
2022-07-04 16:02:24 +02:00
José Fernández Aguilera
1d8d594a44 Merge pull request #685 from wazuh/1667-disable-filebeat-metrics-to4.3
Disable filebeat metrics
2022-07-04 15:59:55 +02:00
fcaffieri
a82cc9ec39 disable filebeat metrics 2022-07-04 09:18:11 -03:00
fcaffieri
265dfd39bf disable filebeat metrics 2022-07-04 09:16:57 -03:00
fcaffieri
8d9ad6152a disable filebeat metrics 2022-07-01 17:45:23 -03:00
fcaffieri
28641accc2 disable filebeat metrics 2022-07-01 17:41:19 -03:00
Gonzalo Acuña
5774b93977 Merge pull request #684 from wazuh/fix-keystore-create
Add option to recreate keystore in entrypoint
2022-07-01 12:16:43 -03:00
vcerenu
9c0676014c add option to recreate keystore in entrypoint 2022-07-01 11:37:44 -03:00
vcerenu
f933733a85 add option to recreate keystore in entrypoint 2022-07-01 10:59:52 -03:00
José Fernández Aguilera
2f2b8bc1f5 Merge pull request #682 from wazuh/bump-4-3-5
Change readme note from Docker images build
2022-06-30 11:54:24 +02:00
vcerenu
868424cdd2 Change readme note for build docker images process 2022-06-29 13:17:59 -03:00
vcerenu
84c4aab03d Change readme note for build docker images process 2022-06-29 12:35:24 -03:00
Alberto Rodríguez
3d4521c7d8 Merge pull request #678 from wazuh/bump-4-3-5
Bump 4.3 to 4.3.5
2022-06-24 09:53:14 +02:00
vcerenu
46ec0bd67f Add tag revision for Wazuh indexer and dashboard 2022-06-23 18:27:24 -03:00
vcerenu
61791c1984 Bump 4.3.5 2022-06-23 15:36:27 -03:00
Alberto Rodríguez
2fe1eaea8f Merge pull request #676 from wazuh/fix_ck_conf
Modify variables
2022-06-22 15:32:29 +02:00
vcerenu
dc7691808b modify variable 2022-06-21 12:20:44 -03:00
vcerenu
c3375e0141 modify variable 2022-06-21 11:46:25 -03:00
Alberto Rodríguez
5d98c157f8 Merge pull request #669 from wazuh/fix-test-ci
CI Docker
2022-06-20 15:42:22 +02:00
vcerenu
0f2b153123 Test CI 2022-06-14 13:21:07 -03:00
vcerenu
a84ff7b1ff Test CI 2022-06-14 12:50:21 -03:00
vcerenu
672d1fc67a Test CI 2022-06-13 15:27:23 -03:00
vcerenu
ecef793c7f Test CI 2022-06-10 17:12:38 -03:00
vcerenu
8fb1b51d08 Test CI 2022-06-10 16:53:45 -03:00
vcerenu
9b9c422dea Test CI 2022-06-10 16:37:34 -03:00
vcerenu
3059de4c9f Test CI 2022-06-10 16:20:06 -03:00
vcerenu
d6557165da Test CI 2022-06-10 16:19:12 -03:00
vcerenu
174cf64b9b Test CI 2022-06-10 16:17:48 -03:00
vcerenu
d3954c9f8d Test CI 2022-06-10 15:34:15 -03:00
vcerenu
6dbfc1bbbf Test CI 2022-06-10 15:33:42 -03:00
vcerenu
20d065cce3 Test CI 2022-06-10 10:53:31 -03:00
vcerenu
de41cd08c9 Test CI 2022-06-10 10:23:56 -03:00
vcerenu
1c80201dc9 Test CI 2022-06-10 09:19:06 -03:00
vcerenu
f5ba9370ea Test CI 2022-06-09 16:41:50 -03:00
vcerenu
94f62d25d3 Test CI 2022-06-09 16:23:58 -03:00
vcerenu
0384112385 Test CI 2022-06-09 15:38:58 -03:00
vcerenu
8d4c6c4170 Test CI 2022-06-09 15:37:03 -03:00
vcerenu
919eab0c84 Test CI 2022-06-09 15:28:44 -03:00
vcerenu
01e616ce76 Test CI 2022-06-09 15:19:02 -03:00
vcerenu
46740f306a Test CI 2022-06-09 15:16:59 -03:00
vcerenu
b718d753de Test CI 2022-06-09 15:15:21 -03:00
vcerenu
731d3c3622 Test CI 2022-06-09 15:14:39 -03:00
vcerenu
c17cc9a15b Test CI 2022-06-09 12:32:29 -03:00
vcerenu
8976d2f5b6 Test CI 2022-06-09 12:19:22 -03:00
vcerenu
03764ea251 Test CI 2022-06-09 12:18:37 -03:00
Volm, David
7c642638ff Allow other Exceptions to bubble up a stack trace instead of silently failing in create_user.py 2022-06-09 16:24:43 +02:00
vcerenu
6591e9ae68 Test CI 2022-06-09 10:36:10 -03:00
vcerenu
961b8bad21 Test CI 2022-06-09 09:24:57 -03:00
vcerenu
ddc03699e5 Test CI 2022-06-08 18:36:09 -03:00
vcerenu
b28ae3b3ab Test CI 2022-06-08 18:25:19 -03:00
vcerenu
67dc3e6e36 Test CI 2022-06-08 18:17:10 -03:00
vcerenu
a34e0af547 Test CI 2022-06-08 18:14:12 -03:00
vcerenu
42c2ea5dba Test CI 2022-06-08 18:07:40 -03:00
vcerenu
b95e02d41d Test CI 2022-06-08 18:00:25 -03:00
vcerenu
8e8b53e6e1 Test CI 2022-06-08 17:49:46 -03:00
vcerenu
40f55cfb53 Test CI 2022-06-08 17:26:35 -03:00
vcerenu
a626216643 Test CI 2022-06-08 17:16:38 -03:00
vcerenu
0d7d4694fd Test CI 2022-06-08 17:11:13 -03:00
vcerenu
8ae1cd3f9d Test CI 2022-06-08 17:08:28 -03:00
vcerenu
f06a7ec961 Test CI 2022-06-08 17:02:53 -03:00
vcerenu
3656850b56 Test CI 2022-06-08 17:00:01 -03:00
vcerenu
426670017f Test CI 2022-06-08 16:55:56 -03:00
vcerenu
22958aaf5e Test CI 2022-06-08 16:52:10 -03:00
vcerenu
35dfd86837 Test CI 2022-06-08 16:47:02 -03:00
vcerenu
d4b0d60a54 Test CI 2022-06-08 16:41:56 -03:00
vcerenu
19a5a37bdf Test CI 2022-06-08 16:38:41 -03:00
vcerenu
0e2d942666 Test CI 2022-06-08 16:34:29 -03:00
vcerenu
0c2cb412fb Test CI 2022-06-08 16:29:57 -03:00
vcerenu
8748cd1ae2 Test CI 2022-06-08 16:26:57 -03:00
vcerenu
604232960b Test CI 2022-06-08 16:23:39 -03:00
vcerenu
5e211d2b13 Test CI 2022-06-08 16:20:25 -03:00
vcerenu
1a60522c27 Test CI 2022-06-08 16:11:00 -03:00
vcerenu
e9c2f59c94 Test CI 2022-06-08 16:07:24 -03:00
vcerenu
451e91e407 Test CI 2022-06-08 15:57:13 -03:00
vcerenu
439a3fe252 Test CI 2022-06-08 15:45:48 -03:00
vcerenu
17389682a4 Test CI 2022-06-08 13:01:30 -03:00
vcerenu
719dc7dd16 Test CI 2022-06-08 12:55:37 -03:00
vcerenu
131c44ba63 Test CI 2022-06-08 12:40:44 -03:00
vcerenu
27a7479774 Test CI 2022-06-08 12:28:22 -03:00
vcerenu
fea54b3ca7 Test CI 2022-06-08 12:24:11 -03:00
vcerenu
f711968c2f Test CI 2022-06-08 11:53:32 -03:00
vcerenu
adfaab647d Test CI 2022-06-08 11:50:15 -03:00
vcerenu
237b180ff5 Test CI 2022-06-08 11:49:18 -03:00
Alberto R
01a0e3dabd Fixed typo defining variable 2022-06-08 15:37:50 +02:00
Alberto R
b3d576623e Added UI revision 2022-06-08 15:11:54 +02:00
Alberto R
0520a771fe Bumped version 2022-06-08 10:10:23 +02:00
vcerenu
d5550caa26 Test CI 2022-06-07 16:58:38 -03:00
vcerenu
637d5ccae1 Test CI 2022-06-07 16:55:06 -03:00
vcerenu
95207b0777 Test CI 2022-06-07 16:50:44 -03:00
vcerenu
a40c510bba Test CI 2022-06-07 16:39:25 -03:00
vcerenu
7fdb1a91e5 Test CI 2022-06-07 16:36:07 -03:00
vcerenu
3b740e5dce Test CI 2022-06-07 12:22:44 -03:00
vcerenu
281f74582a Test CI 2022-06-07 12:04:47 -03:00
vcerenu
5418494f95 Test CI 2022-06-07 11:57:22 -03:00
vcerenu
c6314893f2 Test CI 2022-06-07 11:50:28 -03:00
vcerenu
5d5f01ab45 Test CI 2022-06-07 11:44:41 -03:00
vcerenu
4b1c420fdd Test CI 2022-06-07 11:40:01 -03:00
vcerenu
3d4a7073ef Test CI 2022-06-07 11:37:31 -03:00
vcerenu
c1ca498617 Test CI 2022-06-07 11:13:05 -03:00
vcerenu
ac92c2f1c0 Test CI 2022-06-06 17:03:17 -03:00
vcerenu
ec16fdf24c Test CI 2022-06-06 16:29:41 -03:00
vcerenu
525bb0ca2c Test CI 2022-06-06 16:06:49 -03:00
vcerenu
a8bd7cba31 Test CI 2022-06-06 11:44:46 -03:00
vcerenu
9fb941f3e5 Test CI 2022-06-06 11:33:39 -03:00
vcerenu
f67f8d1d3b Test CI 2022-06-06 11:15:35 -03:00
vcerenu
1645f8bac2 Test CI 2022-06-06 11:03:34 -03:00
vcerenu
7d394698a7 Test CI 2022-06-03 17:00:32 -03:00
vcerenu
73c25e86d6 Test CI 2022-06-03 16:42:19 -03:00
vcerenu
add81b07e4 Test CI 2022-06-03 16:27:21 -03:00
vcerenu
8f6d24de77 Test CI 2022-06-03 16:24:26 -03:00
vcerenu
2fdb06d824 Test CI 2022-06-03 15:51:18 -03:00
vcerenu
d578dfbd39 Test CI 2022-06-03 15:44:55 -03:00
vcerenu
d7e937d2f8 Test CI 2022-06-02 16:41:22 -03:00
vcerenu
0313563a0c Test CI 2022-06-02 16:21:30 -03:00
vcerenu
0f2fd84173 Test CI 2022-06-02 15:47:59 -03:00
vcerenu
437fbe63d1 Test CI 2022-06-02 15:24:28 -03:00
Gonzalo Acuña
fb66a358c8 Merge pull request #667 from wazuh/bump_4_3_3
Bump 4.3.3 into 4.3
2022-06-02 10:53:25 -03:00
vcerenu
83400ba1e5 bump 4.3.3 2022-06-02 10:31:20 -03:00
José Fernández Aguilera
5555c1dd06 Merge pull request #666 from wazuh/merge_4_4
Merge 4.3.3 into 4.4
2022-06-01 18:40:02 +02:00
vcerenu
0dd044de68 Merge 4.3.3 into 4.4 2022-06-01 12:29:05 -03:00
Alberto Rodríguez
8889c1237d Merge pull request #663 from wazuh/bump_4_3_3
Bump 4.3.3 to 4.3 Branch
2022-05-31 23:12:53 +02:00
vcerenu
f220927849 bump 4.3.3 version 2022-05-31 15:57:14 -03:00
vcerenu
480f0b7bef bump 4.3.3 version 2022-05-31 15:46:04 -03:00
vcerenu
af8627b992 bump 4.3.3 version 2022-05-31 10:55:09 -03:00
vcerenu
384ed07584 bump 4.3.3 version 2022-05-31 10:44:06 -03:00
Alberto Rodríguez
946e3d6c5c Merge pull request #657 from wazuh/update-filebeat-module
Update filebeat module version
2022-05-30 20:13:53 +02:00
José Fernández Aguilera
259f18f96d Merge pull request #659 from wazuh/bump_4_3_2
Bump 4.3.2 to 4.3 Branch
2022-05-30 15:59:16 +02:00
vcerenu
c22330761e bump 4.3.2 version 2022-05-30 10:29:46 -03:00
vcerenu
a453502e9b bump 4.3.2 version 2022-05-30 07:00:22 -03:00
vcerenu
de28f0babc test CI 2022-05-27 19:13:15 -03:00
vcerenu
8795763cd2 test CI 2022-05-27 18:50:10 -03:00
vcerenu
de1e435e26 test CI 2022-05-27 18:27:50 -03:00
vcerenu
5591833d2f test CI 2022-05-27 18:21:37 -03:00
vcerenu
8b2f64a3f8 test CI 2022-05-27 18:03:25 -03:00
vcerenu
290affdaa3 test CI 2022-05-27 17:58:19 -03:00
vcerenu
d1499136f6 test CI 2022-05-27 17:52:25 -03:00
vcerenu
613dc9fbb7 test CI 2022-05-27 17:44:02 -03:00
vcerenu
77520d56ea test CI 2022-05-27 17:35:42 -03:00
vcerenu
111f04fb0b test CI 2022-05-27 17:30:28 -03:00
vcerenu
30ed0e6bb4 test CI 2022-05-27 17:24:12 -03:00
vcerenu
3ab210f8c0 test CI 2022-05-27 16:58:21 -03:00
vcerenu
19fdf93942 test CI 2022-05-27 16:42:37 -03:00
vcerenu
9ef724b46c test CI 2022-05-27 16:37:02 -03:00
vcerenu
2e0a7b7c3d test CI 2022-05-27 16:31:17 -03:00
vcerenu
66dda69a91 test CI 2022-05-27 16:20:39 -03:00
vcerenu
cacc8fc3d3 test CI 2022-05-27 14:01:47 -03:00
vcerenu
11b3160aa4 test CI 2022-05-27 13:55:14 -03:00
vcerenu
bb7723d6be test CI 2022-05-27 13:42:32 -03:00
vcerenu
54756054bc test CI 2022-05-27 13:36:35 -03:00
vcerenu
e0c7194444 test CI 2022-05-27 13:31:08 -03:00
vcerenu
ba3409acee test CI 2022-05-27 13:20:44 -03:00
vcerenu
19e5c24a2e test CI 2022-05-27 12:25:00 -03:00
vcerenu
b7a55ab174 test CI 2022-05-27 12:17:16 -03:00
vcerenu
111cfca50c test CI 2022-05-27 11:57:47 -03:00
vcerenu
704b183002 test CI 2022-05-27 11:44:22 -03:00
vcerenu
579fa10551 test CI 2022-05-27 11:33:26 -03:00
dfolcha
1bc73fb1c4 Update filebeat module version 2022-05-27 15:29:35 +02:00
vcerenu
dfa11c08a4 test CI 2022-05-26 17:22:26 -03:00
vcerenu
ceb920e87a test CI 2022-05-26 17:13:29 -03:00
vcerenu
330763bcb0 test CI 2022-05-26 16:13:04 -03:00
vcerenu
571fad7a08 test CI 2022-05-26 16:04:03 -03:00
vcerenu
ccc781023d test CI 2022-05-26 16:03:09 -03:00
vcerenu
7e26034e22 test CI 2022-05-26 16:01:52 -03:00
vcerenu
182029155e test CI 2022-05-26 15:59:21 -03:00
vcerenu
872c121ba9 test CI 2022-05-26 15:41:25 -03:00
vcerenu
7e8055f128 test CI 2022-05-26 15:09:26 -03:00
vcerenu
469f7db61a test CI 2022-05-26 15:02:49 -03:00
vcerenu
ec6bfa962d test CI 2022-05-26 14:27:59 -03:00
vcerenu
5f063fc445 test CI 2022-05-26 14:22:32 -03:00
vcerenu
9fdf342fa3 test CI 2022-05-26 13:15:56 -03:00
vcerenu
b10a00cade test CI 2022-05-26 13:03:41 -03:00
vcerenu
3d3a3d1274 test CI 2022-05-26 12:36:30 -03:00
vcerenu
3a87d83deb test CI 2022-05-26 12:26:15 -03:00
vcerenu
d22547b9c5 test CI 2022-05-26 11:24:38 -03:00
vcerenu
bb11f13e86 test CI 2022-05-26 11:18:06 -03:00
vcerenu
79ac17ddbd test CI 2022-05-26 11:07:42 -03:00
vcerenu
59ad1b171c test CI 2022-05-26 10:58:42 -03:00
vcerenu
894ba9df12 test CI 2022-05-26 10:45:41 -03:00
vcerenu
5211401620 test CI 2022-05-24 15:38:28 -03:00
vcerenu
65f499c042 test CI 2022-05-24 15:30:49 -03:00
vcerenu
db3d37aef6 test CI 2022-05-24 13:00:10 -03:00
vcerenu
b1e13d3b72 test CI 2022-05-24 12:58:52 -03:00
vcerenu
baa24a7614 test CI 2022-05-24 12:36:01 -03:00
vcerenu
4e975f8dd1 test CI 2022-05-24 12:24:20 -03:00
Alberto Rodríguez
dc34688b04 Merge pull request #653 from wazuh/change-copyright-format
Changed copyright format
2022-05-24 14:28:49 +02:00
Alberto R
f3ae530bfa Fixed company name 2022-05-24 14:14:50 +02:00
Alberto R
ae558612df Changed copyright format 2022-05-24 14:13:16 +02:00
vcerenu
e1fc82af79 test CI 2022-05-23 17:00:54 -03:00
vcerenu
5b03281631 test CI 2022-05-23 16:53:35 -03:00
vcerenu
fe104c7ffb test CI 2022-05-23 12:55:57 -03:00
vcerenu
2d77063934 test CI 2022-05-23 12:28:45 -03:00
vcerenu
bbeb831ceb change path for env file 2022-05-23 12:16:07 -03:00
Alberto Rodríguez
0576fcaf52 Merge pull request #652 from wazuh/fix_whitelist_4_3
Fix whitelist in 4.3
2022-05-23 16:10:00 +02:00
Alberto Rodríguez
5d88983066 Merge pull request #651 from wazuh/fix_whitelist_4_4
Fix whitelist in 4.4
2022-05-23 16:09:43 +02:00
vcerenu
95565df2f5 fix whitelist 2022-05-23 10:58:04 -03:00
vcerenu
70c3a2929e fix whitelist 2022-05-23 10:54:57 -03:00
Alberto Rodríguez
ed5c5d70ba Merge pull request #649 from wazuh/master
Merge master into 4.4
2022-05-23 14:21:52 +02:00
Alberto Rodríguez
97f5a6bf04 Merge pull request #648 from wazuh/merge_master
Merge 4.3 into master
2022-05-23 14:15:22 +02:00
vcerenu
b21c3769d3 Merge 4.3 into master 2022-05-20 15:57:34 -03:00
Alberto Rodríguez
04389ad2ae Merge pull request #641 from wazuh/640-kibana_user_parameter
Modify Dashboard user parameter
2022-05-18 10:06:35 +02:00
Gonzalo Acuña
bfeb4b007a Dashboard entrypoint update 2022-05-17 19:45:53 -03:00
vcerenu
7d06cb56ef Modify Dashboard user parameter 2022-05-17 17:58:22 -03:00
vcerenu
f678aaf1e0 Modify Dashboard user parameter 2022-05-17 17:34:24 -03:00
vcerenu
020031c81d Modify Dashboard user parameter 2022-05-17 15:49:38 -03:00
vcerenu
a40c870e78 test ci actions 2022-05-17 12:52:47 -03:00
vcerenu
8746063177 test ci actions 2022-05-17 12:44:33 -03:00
vcerenu
e39f5a9ab5 test ci actions 2022-05-17 12:35:25 -03:00
vcerenu
316db4f384 test ci actions 2022-05-17 12:24:48 -03:00
vcerenu
8b39bff31d test ci actions 2022-05-17 12:23:55 -03:00
vcerenu
e99476a99b test ci actions 2022-05-17 12:22:32 -03:00
vcerenu
c2712a3929 test ci actions 2022-05-17 11:59:07 -03:00
vcerenu
cb06e15a74 bump develope to 4.3.1 2022-05-17 11:35:52 -03:00
Gonzalo Acuña
cb0bccc9b5 Merge pull request #639 from wazuh/bump_4_3_1
Wazuh Docker 4.3.1
2022-05-17 09:31:37 -03:00
vcerenu
65fd592d52 Bump 4.3.1 version 2022-05-16 12:37:48 -03:00
vcerenu
86fbf77aa9 Bump 4.3.1 version 2022-05-13 12:16:42 -03:00
Gonzalo Acuña
8598da8100 Merge pull request #637 from wazuh/628-change.port-yml
Change dashboard port
2022-05-12 13:35:33 -03:00
vcerenu
80bfc148d0 Change dashboard port 2022-05-12 13:28:13 -03:00
Gonzalo Acuña
eed0cd6930 Merge pull request #635 from wazuh/634-change-docker-compose
Change doc migration
2022-05-12 11:43:00 -03:00
vcerenu
3adb7809dd change doc migration 2022-05-12 11:23:46 -03:00
Gonzalo Acuña
1505d063f5 Merge pull request #633 from wazuh/632-remove-acme-user
Change acme-user
2022-05-11 15:36:41 -03:00
vcerenu
446ecd86e6 change Wazuh API user 2022-05-11 14:05:44 -03:00
vcerenu
ddcad44468 change Wazuh API user 2022-05-11 13:40:46 -03:00
Alberto Rodríguez
2c848fb3e1 Merge pull request #631 from wazuh/reports-dashboard-fix
Add dependencies for Wazuh dashboard
2022-05-06 15:06:55 +02:00
vcerenu
3be8078248 add dependencies for Wazuh dashboard 2022-05-06 10:03:32 -03:00
José Fernández Aguilera
4478021f28 Merge pull request #630 from wazuh/reports-dashboard-fix
Add dependencies for Wazuh dashboard
2022-05-06 14:53:46 +02:00
vcerenu
8d8b9e1336 add dependencies for Wazuh dashboard 2022-05-06 09:32:14 -03:00
Alberto R
e1ed44d847 Changed artifacts dev URLs 2022-05-06 08:36:59 +02:00
vcerenu
43d86dd5c8 add variables from wazuh version 2022-05-03 15:51:38 -03:00
Alberto Rodríguez
9cd399c2df Merge pull request #598 from wazuh/4.2-merge_master
Merge 4.2 into master
2022-03-28 16:58:01 +02:00
Gonzalo Acuña
3e54eeb62f Merge branch 'master' into 4.2-merge_master 2022-03-28 11:34:55 -03:00
Alberto Rodríguez
a4be008028 Merge pull request #596 from wazuh/595-bump_426
Bump to 4.2.6
2022-03-28 15:49:25 +02:00
Gonzalo Acuña
85e62cfd0e Bump to 4.2.6 2022-03-25 10:28:14 -03:00
Alberto R
84fe19e868 Bumped to 4.4.0 2021-11-24 17:01:09 +01:00
57 changed files with 1431 additions and 250 deletions

3
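--- a/.env
+++ b/.env
@@ -0,0 +1,3 @@
+WAZUH_VERSION=4.7.5
+WAZUH_IMAGE_VERSION=4.7.5
+WAZUH_TAG_REVISION=1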

34
.github/.goss.yaml vendored
View File

@@ -56,7 +56,7 @@ package:
wazuh-manager: wazuh-manager:
installed: true installed: true
versions: versions:
- 4.3.0 - 4.7.5-1
port: port:
tcp:1514: tcp:1514:
listening: true listening: true
@@ -70,28 +70,6 @@ port:
listening: true listening: true
ip: ip:
- 0.0.0.0 - 0.0.0.0
user:
wazuh:
exists: true
groups:
- wazuh
home: /var/ossec
shell: /sbin/nologin
wazuh:
exists: true
groups:
- wazuh
home: /var/ossec
shell: /sbin/nologin
wazuh:
exists: true
groups:
- wazuh
home: /var/ossec
shell: /sbin/nologin
group:
wazuh:
exists: true
process: process:
filebeat: filebeat:
running: true running: true
@@ -113,3 +91,13 @@ process:
running: true running: true
wazuh-modulesd: wazuh-modulesd:
running: true running: true
user:
wazuh:
exists: true
groups:
- wazuh
home: /var/ossec
shell: /sbin/nologin
group:
wazuh:
exists: true

18
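--- a/.github/multi-node-filebeat-check.sh
+++ b/.github/multi-node-filebeat-check.sh
@@ -0,0 +1,18 @@
+filebeatout1=$(docker exec multi-node_wazuh.master_1 sh -c 'filebeat test output')
+filebeatstatus1=$(echo "${filebeatout1}" | grep -c OK)
+if [[ filebeatstatus1 -eq 7 ]]; then
+echo "No errors in master filebeat"
+else
+echo "Errors in master filebeat"
+echo "${filebeatout1}"
+exit 1
+fi
+filebeatout2=$(docker exec multi-node_wazuh.worker_1 sh -c 'filebeat test output')
+filebeatstatus2=$(echo "${filebeatout2}" | grep -c OK)
+if [[ filebeatstatus2 -eq 7 ]]; then
+echo "No errors in worker filebeat"
+else
+echo "Errors in worker filebeat"
+echo "${filebeatout2}"
+exit 1
+fi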
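Review bot: The script has no interpreter line although both checks use the bash-only `[[ … ]]` test, so which shell runs it depends on the caller; add `#!/usr/bin/env bash` as the first line. The pass condition `-eq 7` also ties the result to an exact count of lines containing `OK` in the text printed by `filebeat test output`, so any change in that output format fails the build for reasons unrelated to connectivity. A comment above each comparison, for example `# 7 = OK lines printed by a healthy 'filebeat test output' (confirm against real output)`, would tell the next maintainer what to update. The same two points apply to .github/single-node-filebeat-check.sh.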

16
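--- a/.github/multi-node-log-check.sh
+++ b/.github/multi-node-log-check.sh
@@ -0,0 +1,16 @@
+log1=$(docker exec multi-node_wazuh.master_1 sh -c 'cat /var/ossec/logs/ossec.log' | grep -P "ERR|WARN|CRIT")
+if [[ -z "$log1" ]]; then
+echo "No errors in master ossec.log"
+else
+echo "Errors in master ossec.log:"
+echo "${log1}"
+exit 1
+fi
+log2=$(docker exec multi-node_wazuh.worker_1 sh -c 'cat /var/ossec/logs/ossec.log' | grep -P "ERR|WARN|CRIT")
+if [[ -z "${log2}" ]]; then
+echo "No errors in worker ossec.log"
+else
+echo "Errors in worker ossec.log:"
+echo "${log2}"
+exit 1
+fi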
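Review bot: Both checks pass when the log could not be read at all. In `log1=$(docker exec … | grep -P "ERR|WARN|CRIT")` and the matching `log2=$(…)` line, the exit status of `docker exec` is lost inside the pipeline, so a missing or stopped container, or an unreadable `/var/ossec/logs/ossec.log`, yields an empty string and the script prints "No errors". Read the log first and fail on error, e.g. `raw1=$(docker exec multi-node_wazuh.master_1 cat /var/ossec/logs/ossec.log) || { echo "Cannot read master ossec.log"; exit 1; }` followed by `log1=$(grep -P "ERR|WARN|CRIT" <<< "${raw1}")`, and likewise for the worker. .github/single-node-log-check.sh has the same fail-open shape in its `log=$(…)` line.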

9
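--- a/.github/single-node-filebeat-check.sh
+++ b/.github/single-node-filebeat-check.sh
@@ -0,0 +1,9 @@
+filebeatout=$(docker exec single-node_wazuh.manager_1 sh -c 'filebeat test output')
+filebeatstatus=$(echo "${filebeatout}" | grep -c OK)
+if [[ filebeatstatus -eq 7 ]]; then
+echo "No errors in filebeat"
+else
+echo "Errors in filebeat"
+echo "${filebeatout}"
+exit 1
+fi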

8
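--- a/.github/single-node-log-check.sh
+++ b/.github/single-node-log-check.sh
@@ -0,0 +1,8 @@
+log=$(docker exec single-node_wazuh.manager_1 sh -c 'cat /var/ossec/logs/ossec.log' | grep -P "ERR|WARN|CRIT")
+if [[ -z "$log" ]]; then
+echo "No errors in ossec.log"
+else
+echo "Errors in ossec.log:"
+echo "${log}"
+exit 1
+fi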


@@ -1,31 +1,310 @@
name: Wazuh Docker pipeline name: Wazuh Docker pipeline
on: [push] on: [pull_request]
jobs: jobs:
build-stack: build-docker-images:
runs-on: ubuntu-latest runs-on: ubuntu-latest
steps: steps:
- name: Check out code - name: Check out code
uses: actions/checkout@v2 uses: actions/checkout@v3
- name: Build the docker-compose stack - name: Build Wazuh images
run: docker-compose -f build-wazuh-images.yml up -d --build run: build-docker-images/build-images.sh
- name: Check running containers - name: Create enviroment variables
run: docker ps -a run: cat .env > $GITHUB_ENV
- name: Shutdown the stack - name: Create backup Docker images
run: docker-compose -f build-wazuh-images.yml kill run: |
mkdir -p /home/runner/work/wazuh-docker/wazuh-docker/docker-images/
docker save wazuh/wazuh-manager:${{env.WAZUH_IMAGE_VERSION}} -o /home/runner/work/wazuh-docker/wazuh-docker/docker-images/wazuh-manager.tar
docker save wazuh/wazuh-indexer:${{env.WAZUH_IMAGE_VERSION}} -o /home/runner/work/wazuh-docker/wazuh-docker/docker-images/wazuh-indexer.tar
docker save wazuh/wazuh-dashboard:${{env.WAZUH_IMAGE_VERSION}} -o /home/runner/work/wazuh-docker/wazuh-docker/docker-images/wazuh-dashboard.tar
- name: Temporarily save Wazuh manager Docker image
uses: actions/upload-artifact@v3
with:
name: docker-artifact-manager
path: /home/runner/work/wazuh-docker/wazuh-docker/docker-images/wazuh-manager.tar
retention-days: 1
- name: Temporarily save Wazuh indexer Docker image
uses: actions/upload-artifact@v3
with:
name: docker-artifact-indexer
path: /home/runner/work/wazuh-docker/wazuh-docker/docker-images/wazuh-indexer.tar
retention-days: 1
- name: Temporarily save Wazuh dashboard Docker image
uses: actions/upload-artifact@v3
with:
name: docker-artifact-dashboard
path: /home/runner/work/wazuh-docker/wazuh-docker/docker-images/wazuh-dashboard.tar
retention-days: 1
- name: Install Goss - name: Install Goss
uses: e1himself/goss-installation-action@v1.0.3 uses: e1himself/goss-installation-action@v1.0.3
with: with:
version: v0.3.16 version: v0.3.16
- name: Execute Goss tests (wazuh-odfe) - name: Execute Goss tests (wazuh-manager)
run: dgoss run wazuh/wazuh-manager:4.3.0 run: dgoss run wazuh/wazuh-manager:${{env.WAZUH_IMAGE_VERSION}}
env: env:
GOSS_SLEEP: 30 GOSS_SLEEP: 30
GOSS_FILE: .github/.goss.yaml GOSS_FILE: .github/.goss.yaml
check-single-node:
runs-on: ubuntu-latest
needs: build-docker-images
steps:
- name: Check out code
uses: actions/checkout@v3
- name: Create enviroment variables
run: cat .env > $GITHUB_ENV
- name: Retrieve saved Wazuh indexer Docker image
uses: actions/download-artifact@v3
with:
name: docker-artifact-indexer
- name: Retrieve saved Wazuh manager Docker image
uses: actions/download-artifact@v3
with:
name: docker-artifact-manager
- name: Retrieve saved Wazuh dashboard Docker image
uses: actions/download-artifact@v3
with:
name: docker-artifact-dashboard
- name: Docker load
run: |
docker load --input ./wazuh-indexer.tar
docker load --input ./wazuh-dashboard.tar
docker load --input ./wazuh-manager.tar
- name: Create single node certficates
run: docker-compose -f single-node/generate-indexer-certs.yml run --rm generator
- name: Start single node stack
run: docker-compose -f single-node/docker-compose.yml up -d
- name: Check Wazuh indexer start
run: |
sleep 60
status_green="`curl -XGET "https://0.0.0.0:9200/_cluster/health" -u admin:SecretPassword -k -s | grep green | wc -l`"
if [[ $status_green -eq 1 ]]; then
curl -XGET "https://0.0.0.0:9200/_cluster/health" -u admin:SecretPassword -k -s
else
curl -XGET "https://0.0.0.0:9200/_cluster/health" -u admin:SecretPassword -k -s
exit 1
fi
status_index="`curl -XGET "https://0.0.0.0:9200/_cat/indices" -u admin:SecretPassword -k -s | wc -l`"
status_index_green="`curl -XGET "https://0.0.0.0:9200/_cat/indices" -u admin:SecretPassword -k -s | grep "green" | wc -l`"
if [[ $status_index_green -eq $status_index ]]; then
curl -XGET "https://0.0.0.0:9200/_cat/indices" -u admin:SecretPassword -k -s
else
curl -XGET "https://0.0.0.0:9200/_cat/indices" -u admin:SecretPassword -k -s
exit 1
fi
- name: Check Wazuh indexer nodes
run: |
nodes="`curl -XGET "https://0.0.0.0:9200/_cat/nodes" -u admin:SecretPassword -k -s | grep -E "indexer" | wc -l`"
if [[ $nodes -eq 1 ]]; then
echo "Wazuh indexer nodes: ${nodes}"
else
echo "Wazuh indexer nodes: ${nodes}"
exit 1
fi
- name: Check documents into wazuh-alerts index
run: |
docs="`curl -XGET "https://0.0.0.0:9200/wazuh-alerts*/_count" -u admin:SecretPassword -k -s | jq -r ".count"`"
if [[ $docs -gt 100 ]]; then
echo "wazuh-alerts index documents: ${docs}"
else
echo "wazuh-alerts index documents: ${docs}"
exit 1
fi
- name: Check Wazuh templates
run: |
qty_templates="`curl -XGET "https://0.0.0.0:9200/_cat/templates" -u admin:SecretPassword -k -s | grep -P "wazuh|wazuh-agent|wazuh-statistics" | wc -l`"
templates="`curl -XGET "https://0.0.0.0:9200/_cat/templates" -u admin:SecretPassword -k -s | grep -P "wazuh|wazuh-agent|wazuh-statistics"`"
if [[ $qty_templates -eq 3 ]]; then
echo "wazuh templates:"
echo "${templates}"
else
echo "wazuh templates:"
echo "${templates}"
exit 1
fi
- name: Check Wazuh manager start
run: |
services="`curl -k -s -X GET "https://0.0.0.0:55000/manager/status?pretty=true" -H "Authorization: Bearer ${{env.TOKEN}}" | jq -r .data.affected_items | grep running | wc -l`"
if [[ $services -gt 9 ]]; then
echo "Wazuh Manager Services: ${services}"
echo "OK"
else
echo "Wazuh indexer nodes: ${nodes}"
curl -k -X GET "https://0.0.0.0:55000/manager/status?pretty=true" -H "Authorization: Bearer ${{env.TOKEN}}" | jq -r .data.affected_items
exit 1
fi
env:
TOKEN: $(curl -s -u wazuh-wui:MyS3cr37P450r.*- -k -X GET "https://0.0.0.0:55000/security/user/authenticate?raw=true")
- name: Check errors in ossec.log
run: ./.github/single-node-log-check.sh
- name: Check filebeat output
run: ./.github/single-node-filebeat-check.sh
- name: Check Wazuh dashboard service URL
run: |
status=$(curl -XGET --silent https://0.0.0.0:443/app/status -k -u admin:SecretPassword -I -s | grep -E "^HTTP" | awk '{print $2}')
if [[ $status -eq 200 ]]; then
echo "Wazuh dashboard status: ${status}"
else
echo "Wazuh dashboard status: ${status}"
exit 1
fi
- name: Stop single node stack
run: docker-compose -f single-node/docker-compose.yml down
check-multi-node:
runs-on: ubuntu-latest
needs: build-docker-images
steps:
- name: Check out code
uses: actions/checkout@v3
- name: Create enviroment variables
run: cat .env > $GITHUB_ENV
- name: Retrieve saved Wazuh dashboard Docker image
uses: actions/download-artifact@v3
with:
name: docker-artifact-dashboard
- name: Retrieve saved Wazuh manager Docker image
uses: actions/download-artifact@v3
with:
name: docker-artifact-manager
- name: Retrieve saved Wazuh indexer Docker image
uses: actions/download-artifact@v3
with:
name: docker-artifact-indexer
- name: Docker load
run: |
docker load --input ./wazuh-manager.tar
docker load --input ./wazuh-indexer.tar
docker load --input ./wazuh-dashboard.tar
- name: Create multi node certficates
run: docker-compose -f multi-node/generate-indexer-certs.yml run --rm generator
- name: Start multi node stack
run: docker-compose -f multi-node/docker-compose.yml up -d
- name: Check Wazuh indexer start
run: |
sleep 120
status_green="`curl -XGET "https://0.0.0.0:9200/_cluster/health" -u admin:SecretPassword -k -s | grep green | wc -l`"
if [[ $status_green -eq 1 ]]; then
curl -XGET "https://0.0.0.0:9200/_cluster/health" -u admin:SecretPassword -k -s
else
curl -XGET "https://0.0.0.0:9200/_cluster/health" -u admin:SecretPassword -k -s
exit 1
fi
status_index="`curl -XGET "https://0.0.0.0:9200/_cat/indices" -u admin:SecretPassword -k -s | wc -l`"
status_index_green="`curl -XGET "https://0.0.0.0:9200/_cat/indices" -u admin:SecretPassword -k -s | grep -E "green" | wc -l`"
if [[ $status_index_green -eq $status_index ]]; then
curl -XGET "https://0.0.0.0:9200/_cat/indices" -u admin:SecretPassword -k -s
else
curl -XGET "https://0.0.0.0:9200/_cat/indices" -u admin:SecretPassword -k -s
exit 1
fi
- name: Check Wazuh indexer nodes
run: |
nodes="`curl -XGET "https://0.0.0.0:9200/_cat/nodes" -u admin:SecretPassword -k -s | grep -E "indexer" | wc -l`"
if [[ $nodes -eq 3 ]]; then
echo "Wazuh indexer nodes: ${nodes}"
else
echo "Wazuh indexer nodes: ${nodes}"
exit 1
fi
- name: Check documents into wazuh-alerts index
run: |
docs="`curl -XGET "https://0.0.0.0:9200/wazuh-alerts*/_count" -u admin:SecretPassword -k -s | jq -r ".count"`"
if [[ $docs -gt 100 ]]; then
echo "wazuh-alerts index documents: ${docs}"
else
echo "wazuh-alerts index documents: ${docs}"
exit 1
fi
- name: Check Wazuh templates
run: |
qty_templates="`curl -XGET "https://0.0.0.0:9200/_cat/templates" -u admin:SecretPassword -k -s | grep "wazuh" | wc -l`"
templates="`curl -XGET "https://0.0.0.0:9200/_cat/templates" -u admin:SecretPassword -k -s | grep "wazuh"`"
if [[ $qty_templates -eq 3 ]]; then
echo "wazuh templates:"
echo "${templates}"
else
echo "wazuh templates:"
echo "${templates}"
exit 1
fi
- name: Check Wazuh manager start
run: |
services="`curl -k -s -X GET "https://0.0.0.0:55000/manager/status?pretty=true" -H "Authorization: Bearer ${{env.TOKEN}}" | jq -r .data.affected_items | grep running | wc -l`"
if [[ $services -gt 10 ]]; then
echo "Wazuh Manager Services: ${services}"
echo "OK"
else
echo "Wazuh indexer nodes: ${nodes}"
curl -k -s -X GET "https://0.0.0.0:55000/manager/status?pretty=true" -H "Authorization: Bearer ${{env.TOKEN}}" | jq -r .data.affected_items
exit 1
fi
nodes=$(curl -k -s -X GET "https://0.0.0.0:55000/cluster/nodes" -H "Authorization: Bearer ${{env.TOKEN}}" | jq -r ".data.affected_items[].name" | wc -l)
if [[ $nodes -eq 2 ]]; then
echo "Wazuh manager nodes: ${nodes}"
else
echo "Wazuh manager nodes: ${nodes}"
exit 1
fi
env:
TOKEN: $(curl -s -u wazuh-wui:MyS3cr37P450r.*- -k -X GET "https://0.0.0.0:55000/security/user/authenticate?raw=true")
- name: Check errors in ossec.log
run: ./.github/multi-node-log-check.sh
- name: Check filebeat output
run: ./.github/multi-node-filebeat-check.sh
- name: Check Wazuh dashboard service URL
run: |
status=$(curl -XGET --silent https://0.0.0.0:443/app/status -k -u admin:SecretPassword -I | grep -E "^HTTP" | awk '{print $2}')
if [[ $status -eq 200 ]]; then
echo "Wazuh dashboard status: ${status}"
else
echo "Wazuh dashboard status: ${status}"
exit 1
fi


@@ -0,0 +1,71 @@
# This workflow uses actions that are not certified by GitHub.
# They are provided by a third-party and are governed by
# separate terms of service, privacy policy, and support
# documentation.
name: Trivy scan Wazuh dashboard
on:
release:
types:
- published
pull_request:
branches:
- master
- stable
schedule:
- cron: '34 2 * * 1'
workflow_dispatch:
permissions:
contents: read
jobs:
build:
permissions:
contents: read # for actions/checkout to fetch code
security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
name: Build images and upload Trivy results
runs-on: "ubuntu-latest"
steps:
- name: Checkout code
uses: actions/checkout@v3
with: { ref: 4.4 }
- name: Installing dependencies
run: |
sudo apt-get update
sudo apt-get install -y jq
- name: Build Wazuh images
run: build-docker-images/build-images.sh
- name: Create enviroment variables
run: |
cat .env > $GITHUB_ENV
echo "GITHUB_REF_NAME="${GITHUB_REF_NAME%/*} >> $GITHUB_ENV
- name: Run Trivy vulnerability scanner for Wazuh dashboard
uses: aquasecurity/trivy-action@2a2157eb22c08c9a1fac99263430307b8d1bc7a2
with:
image-ref: 'wazuh/wazuh-dashboard:${{env.WAZUH_IMAGE_VERSION}}'
format: 'template'
template: '@/contrib/sarif.tpl'
output: 'trivy-results-dashboard.sarif'
severity: 'LOW,MEDIUM,CRITICAL,HIGH'
- name: Upload Trivy scan results to GitHub Security tab
uses: github/codeql-action/upload-sarif@v2
with:
sarif_file: 'trivy-results-dashboard.sarif'
- name: Slack notification
uses: rtCamp/action-slack-notify@v2
env:
SLACK_CHANNEL: cicd-monitoring
SLACK_COLOR: ${{ job.status }} # or a specific color like 'good' or '#ff00ff'
#SLACK_ICON: https://github.com/rtCamp.png?size=48
SLACK_MESSAGE: "Check the results: https://github.com/wazuh/wazuh-docker/security/code-scanning?query=is%3Aopen+branch%3A${{ env.GITHUB_REF_NAME }}"
SLACK_TITLE: Wazuh docker Trivy vulnerability scan finished.
SLACK_USERNAME: github_actions
SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
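Review bot: The Slack step passes `secrets.SLACK_WEBHOOK` to `rtCamp/action-slack-notify@v2`, a third-party action referenced by a movable tag, while the Trivy action a few steps earlier is pinned to a full commit SHA. If `v2` were ever retagged, the new code would run with the webhook in its environment, so pin it the same way: `uses: rtCamp/action-slack-notify@<full-commit-sha> # v2` (placeholder; take the SHA from a release you have reviewed). The same step appears unchanged in trivy-indexer-4-4.yml and trivy-manager-4-4.yml added by this change.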

71
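--- a/.github/workflows/trivy-indexer-4-4.yml
+++ b/.github/workflows/trivy-indexer-4-4.yml
@@ -0,0 +1,71 @@
+# This workflow uses actions that are not certified by GitHub.
+# They are provided by a third-party and are governed by
+# separate terms of service, privacy policy, and support
+# documentation.
+name: Trivy scan Wazuh indexer
+on:
+release:
+types:
+- published
+pull_request:
+branches:
+- master
+- stable
+schedule:
+- cron: '34 2 * * 1'
+workflow_dispatch:
+permissions:
+contents: read
+jobs:
+build:
+permissions:
+contents: read # for actions/checkout to fetch code
+security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
+name: Build images and upload Trivy results
+runs-on: "ubuntu-latest"
+steps:
+- name: Checkout code
+uses: actions/checkout@v3
+with: { ref: 4.4 }
+- name: Installing dependencies
+run: |
+sudo apt-get update
+sudo apt-get install -y jq
+- name: Build Wazuh images
+run: build-docker-images/build-images.sh
+- name: Create enviroment variables
+run: |
+cat .env > $GITHUB_ENV
+echo "GITHUB_REF_NAME="${GITHUB_REF_NAME%/*} >> $GITHUB_ENV
+- name: Run Trivy vulnerability scanner for Wazuh indexer
+uses: aquasecurity/trivy-action@2a2157eb22c08c9a1fac99263430307b8d1bc7a2
+with:
+image-ref: 'wazuh/wazuh-indexer:${{env.WAZUH_IMAGE_VERSION}}'
+format: 'template'
+template: '@/contrib/sarif.tpl'
+output: 'trivy-results-indexer.sarif'
+severity: 'LOW,MEDIUM,CRITICAL,HIGH'
+- name: Upload Trivy scan results to GitHub Security tab
+uses: github/codeql-action/upload-sarif@v2
+with:
+sarif_file: 'trivy-results-indexer.sarif'
+- name: Slack notification
+uses: rtCamp/action-slack-notify@v2
+env:
+SLACK_CHANNEL: cicd-monitoring
+SLACK_COLOR: ${{ job.status }} # or a specific color like 'good' or '#ff00ff'
+#SLACK_ICON: https://github.com/rtCamp.png?size=48
+SLACK_MESSAGE: "Check the results: https://github.com/wazuh/wazuh-docker/security/code-scanning?query=is%3Aopen+branch%3A${{ env.GITHUB_REF_NAME }}"
+SLACK_TITLE: Wazuh docker Trivy vulnerability scan finished.
+SLACK_USERNAME: github_actions
+SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}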
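Review bot: In the "Create enviroment variables" step, `cat .env > $GITHUB_ENV` truncates the runner's environment file instead of appending to it, and it exports every line of `.env` to all later steps, including the third-party Trivy and Slack actions. The appending, quoted form is `cat .env >> "$GITHUB_ENV"`. Because the checkout is fixed to `ref: 4.4`, the file appears to come from that branch rather than from the triggering pull request; a comment above the step such as `# .env comes from the pinned 4.4 checkout, not from the PR head` would make that assumption explicit. The dashboard and manager Trivy workflows contain the same step.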

71
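--- a/.github/workflows/trivy-manager-4-4.yml
+++ b/.github/workflows/trivy-manager-4-4.yml
@@ -0,0 +1,71 @@
+# This workflow uses actions that are not certified by GitHub.
+# They are provided by a third-party and are governed by
+# separate terms of service, privacy policy, and support
+# documentation.
+name: Trivy scan Wazuh manager
+on:
+release:
+types:
+- published
+pull_request:
+branches:
+- master
+- stable
+schedule:
+- cron: '34 2 * * 1'
+workflow_dispatch:
+permissions:
+contents: read
+jobs:
+build:
+permissions:
+contents: read # for actions/checkout to fetch code
+security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
+name: Build images and upload Trivy results
+runs-on: "ubuntu-latest"
+steps:
+- name: Checkout code
+uses: actions/checkout@v3
+with: { ref: 4.4 }
+- name: Installing dependencies
+run: |
+sudo apt-get update
+sudo apt-get install -y jq
+- name: Build Wazuh images
+run: build-docker-images/build-images.sh
+- name: Create enviroment variables
+run: |
+cat .env > $GITHUB_ENV
+echo "GITHUB_REF_NAME="${GITHUB_REF_NAME%/*} >> $GITHUB_ENV
+- name: Run Trivy vulnerability scanner for Wazuh manager
+uses: aquasecurity/trivy-action@2a2157eb22c08c9a1fac99263430307b8d1bc7a2
+with:
+image-ref: 'wazuh/wazuh-manager:${{env.WAZUH_IMAGE_VERSION}}'
+format: 'template'
+template: '@/contrib/sarif.tpl'
+output: 'trivy-results-manager.sarif'
+severity: 'LOW,MEDIUM,CRITICAL,HIGH'
+- name: Upload Trivy scan results to GitHub Security tab
+uses: github/codeql-action/upload-sarif@v2
+with:
+sarif_file: 'trivy-results-manager.sarif'
+- name: Slack notification
+uses: rtCamp/action-slack-notify@v2
+env:
+SLACK_CHANNEL: cicd-monitoring
+SLACK_COLOR: ${{ job.status }} # or a specific color like 'good' or '#ff00ff'
+#SLACK_ICON: https://github.com/rtCamp.png?size=48
+SLACK_MESSAGE: "Check the results: https://github.com/wazuh/wazuh-docker/security/code-scanning?query=is%3Aopen+branch%3A${{ env.GITHUB_REF_NAME }}"
+SLACK_TITLE: Wazuh docker Trivy vulnerability scan finished.
+SLACK_USERNAME: github_actions
+SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}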
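Review bot: `with: { ref: 4.4 }` in the checkout step is an unquoted scalar that most YAML loaders read as a float. It happens to round-trip for 4.4, but a copy of this workflow for a branch such as 4.10 would likely resolve to `4.1`. Quote it, and prefer block style to match the rest of the file: `ref: '4.4'`. The fixed ref also means every trigger, including `pull_request` against master or stable, builds and scans branch 4.4 rather than the triggering ref, so a one-line comment stating that this is intended would help the next reader. The same line is in the dashboard and indexer workflows.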

2
.gitignore vendored

@@ -1,4 +1,4 @@
single-node/config/wazuh_indexer_ssl_certs/*.pem single-node/config/wazuh_indexer_ssl_certs/*.pem
single-node/config/wazuh_indexer_ssl_certs/*.key single-node/config/wazuh_indexer_ssl_certs/*.key
multi-node/config/wazuh_indexer_ssl_certs/*.pem multi-node/config/wazuh_indexer_ssl_certs/*.pem
multi-node/config/wazuh_indexer_ssl_certs/*.key multi-node/config/wazuh_indexer_ssl_certs/*.key


@@ -1,11 +1,168 @@
# Change Log # Change Log
All notable changes to this project will be documented in this file. All notable changes to this project will be documented in this file.
## Wazuh Docker v4.7.5
### Added
- Update Wazuh to version [4.7.5](https://github.com/wazuh/wazuh/blob/v4.7.5/CHANGELOG.md#v475)
## Wazuh Docker v4.7.4
### Added
- Update Wazuh to version [4.7.4](https://github.com/wazuh/wazuh/blob/v4.7.4/CHANGELOG.md#v474)
## Wazuh Docker v4.7.3
### Added
- Update Wazuh to version [4.7.3](https://github.com/wazuh/wazuh/blob/v4.7.3/CHANGELOG.md#v473)
## Wazuh Docker v4.7.2
### Added
- Update Wazuh to version [4.7.2](https://github.com/wazuh/wazuh/blob/v4.7.2/CHANGELOG.md#v472)
## Wazuh Docker v4.7.1
### Added
- Update Wazuh to version [4.7.1](https://github.com/wazuh/wazuh/blob/v4.7.1/CHANGELOG.md#v471)
## Wazuh Docker v4.7.0
### Added
- Update Wazuh to version [4.7.0](https://github.com/wazuh/wazuh/blob/v4.7.0/CHANGELOG.md#v470)
## Wazuh Docker v4.6.0
### Added
- Update Wazuh to version [4.6.0](https://github.com/wazuh/wazuh/blob/v4.6.0/CHANGELOG.md#v460)
## Wazuh Docker v4.5.4
### Added
- Update Wazuh to version [4.5.4](https://github.com/wazuh/wazuh/blob/v4.5.4/CHANGELOG.md#v454)
## Wazuh Docker v4.5.3
### Added
- Update Wazuh to version [4.5.3](https://github.com/wazuh/wazuh/blob/v4.5.3/CHANGELOG.md#v453)
## Wazuh Docker v4.5.2
### Added
- Update Wazuh to version [4.5.2](https://github.com/wazuh/wazuh/blob/v4.5.2/CHANGELOG.md#v452)
## Wazuh Docker v4.5.1
### Added
- Update Wazuh to version [4.5.1](https://github.com/wazuh/wazuh/blob/v4.5.1/CHANGELOG.md#v451)
## Wazuh Docker v4.5.0
### Added
- Update Wazuh to version [4.5.0](https://github.com/wazuh/wazuh/blob/v4.5.0/CHANGELOG.md#v450)
## Wazuh Docker v4.4.5
### Added
- Update Wazuh to version [4.4.5](https://github.com/wazuh/wazuh/blob/v4.4.5/CHANGELOG.md#v445)
## Wazuh Docker v4.4.4
### Added
- Update Wazuh to version [4.4.4](https://github.com/wazuh/wazuh/blob/v4.4.4/CHANGELOG.md#v444)
## Wazuh Docker v4.4.3
### Added
- Update Wazuh to version [4.4.3](https://github.com/wazuh/wazuh/blob/v4.4.3/CHANGELOG.md#v443)
## Wazuh Docker v4.4.2
### Added
- Update Wazuh to version [4.4.2](https://github.com/wazuh/wazuh/blob/v4.4.2/CHANGELOG.md#v442)
## Wazuh Docker v4.4.1
### Added
- Update Wazuh to version [4.4.1](https://github.com/wazuh/wazuh/blob/v4.4.1/CHANGELOG.md#v441)
## Wazuh Docker v4.4.0
### Added
- Update Wazuh to version [4.4.0](https://github.com/wazuh/wazuh/blob/v4.4.0/CHANGELOG.md#v440)
## Wazuh Docker v4.3.11
### Added
- Update Wazuh to version [4.3.11](https://github.com/wazuh/wazuh/blob/v4.3.11/CHANGELOG.md#v4311)
## Wazuh Docker v4.3.10
### Added
- Update Wazuh to version [4.3.10](https://github.com/wazuh/wazuh/blob/v4.3.10/CHANGELOG.md#v4310)
## Wazuh Docker v4.3.9
### Added
- Update Wazuh to version [4.3.9](https://github.com/wazuh/wazuh/blob/v4.3.9/CHANGELOG.md#v439)
## Wazuh Docker v4.3.8
### Added
- Update Wazuh to version [4.3.8](https://github.com/wazuh/wazuh/blob/v4.3.8/CHANGELOG.md#v438)
## Wazuh Docker v4.3.7
### Added
- Update Wazuh to version [4.3.7](https://github.com/wazuh/wazuh/blob/v4.3.7/CHANGELOG.md#v437)
## Wazuh Docker v4.3.6
### Added
- Update Wazuh to version [4.3.6](https://github.com/wazuh/wazuh/blob/v4.3.6/CHANGELOG.md#v436)
## Wazuh Docker v4.3.5
### Added
- Update Wazuh to version [4.3.5](https://github.com/wazuh/wazuh/blob/v4.3.5/CHANGELOG.md#v435)
## Wazuh Docker v4.3.4
### Added
- Update Wazuh to version [4.3.4](https://github.com/wazuh/wazuh/blob/v4.3.4/CHANGELOG.md#v434)
## Wazuh Docker v4.3.3
### Added
- Update Wazuh to version [4.3.3](https://github.com/wazuh/wazuh/blob/v4.3.3/CHANGELOG.md#v433)
## Wazuh Docker v4.3.2
### Added
- Update Wazuh to version [4.3.2](https://github.com/wazuh/wazuh/blob/v4.3.2/CHANGELOG.md#v432)
## Wazuh Docker v4.3.1
### Added
- Update Wazuh to version [4.3.1](https://github.com/wazuh/wazuh/blob/v4.3.1/CHANGELOG.md#v431)
## Wazuh Docker v4.3.0 ## Wazuh Docker v4.3.0
### Added ### Added
- Update Wazuh to version [4.3.0](https://github.com/wazuh/wazuh/blob/v4.3.0/CHANGELOG.md#v430) - Update Wazuh to version [4.3.0](https://github.com/wazuh/wazuh/blob/v4.3.0/CHANGELOG.md#v430)
## Wazuh Docker v4.2.7
### Added
- Update Wazuh to version [4.2.7](https://github.com/wazuh/wazuh/blob/v4.2.7/CHANGELOG.md#v427)
## Wazuh Docker v4.2.6
### Added
- Update Wazuh to version [4.2.6](https://github.com/wazuh/wazuh/blob/v4.2.6/CHANGELOG.md#v426)
## Wazuh Docker v4.2.5 ## Wazuh Docker v4.2.5
### Added ### Added


@@ -1,5 +1,5 @@
Portions Copyright (C) 2021 Wazuh, Inc. Portions Copyright (C) 2017, Wazuh Inc.
Based on work Copyright (C) 2003 - 2013 Trend Micro, Inc. Based on work Copyright (C) 2003 - 2013 Trend Micro, Inc.
This program is a free software; you can redistribute it and/or modify This program is a free software; you can redistribute it and/or modify


@@ -36,13 +36,13 @@ Default values are included when available.
### Wazuh ### Wazuh
``` ```
API_USERNAME="wazuh" # Wazuh API username API_USERNAME="wazuh-wui" # Wazuh API username
API_PASSWORD="wazuh" # Wazuh API password - Must comply with requirements API_PASSWORD="MyS3cr37P450r.*-" # Wazuh API password - Must comply with requirements
# (8+ length, uppercase, lowercase, specials chars) # (8+ length, uppercase, lowercase, specials chars)
INDEXER_URL=https://wazuh.indexer:9200 # Wazuh indexer URL INDEXER_URL=https://wazuh.indexer:9200 # Wazuh indexer URL
INDEXER_USERNAME=admin # Wazuh indexer Username INDEXER_USERNAME=admin # Wazuh indexer Username
INDEXER_PASSWORD=admin # Wazuh indexer Password INDEXER_PASSWORD=SecretPassword # Wazuh indexer Password
FILEBEAT_SSL_VERIFICATION_MODE=full # Filebeat SSL Verification mode (full or none) FILEBEAT_SSL_VERIFICATION_MODE=full # Filebeat SSL Verification mode (full or none)
SSL_CERTIFICATE_AUTHORITIES="" # Path of Filebeat SSL CA SSL_CERTIFICATE_AUTHORITIES="" # Path of Filebeat SSL CA
SSL_CERTIFICATE="" # Path of Filebeat SSL Certificate SSL_CERTIFICATE="" # Path of Filebeat SSL Certificate
@@ -78,10 +78,12 @@ API_SELECTOR=true Defines if the user is allowed to change the sel
IP_SELECTOR=true # Defines if the user is allowed to change the selected index pattern directly from the Wazuh app top menu IP_SELECTOR=true # Defines if the user is allowed to change the selected index pattern directly from the Wazuh app top menu
IP_IGNORE="[]" # List of index patterns to be ignored IP_IGNORE="[]" # List of index patterns to be ignored
DASHBOARD_USERNAME=kibanaserver # Custom user saved in the dashboard keystore
DASHBOARD_PASSWORD=kibanaserver # Custom password saved in the dashboard keystore
WAZUH_MONITORING_ENABLED=true # Custom settings to enable/disable wazuh-monitoring indices WAZUH_MONITORING_ENABLED=true # Custom settings to enable/disable wazuh-monitoring indices
WAZUH_MONITORING_FREQUENCY=900 # Custom setting to set the frequency for wazuh-monitoring indices cron task WAZUH_MONITORING_FREQUENCY=900 # Custom setting to set the frequency for wazuh-monitoring indices cron task
WAZUH_MONITORING_SHARDS=2 # Configure wazuh-monitoring-* indices shards and replicas WAZUH_MONITORING_SHARDS=2 # Configure wazuh-monitoring-* indices shards and replicas
WAZUH_MONITORING_REPLICAS=0 # WAZUH_MONITORING_REPLICAS=0 ##
``` ```
## Directory structure ## Directory structure
@@ -193,7 +195,38 @@ WAZUH_MONITORING_REPLICAS=0 #
| Wazuh version | ODFE | XPACK | | Wazuh version | ODFE | XPACK |
|---------------|---------|--------| |---------------|---------|--------|
| v4.7.5 | | |
| v4.7.4 | | |
| v4.7.3 | | |
| v4.7.2 | | |
| v4.7.1 | | |
| v4.7.0 | | |
| v4.6.0 | | |
| v4.5.4 | | |
| v4.5.3 | | |
| v4.5.2 | | |
| v4.5.1 | | |
| v4.5.0 | | |
| v4.4.5 | | |
| v4.4.4 | | |
| v4.4.3 | | |
| v4.4.2 | | |
| v4.4.1 | | |
| v4.4.0 | | |
| v4.3.11 | | |
| v4.3.10 | | |
| v4.3.9 | | |
| v4.3.8 | | |
| v4.3.7 | | |
| v4.3.6 | | |
| v4.3.5 | | |
| v4.3.4 | | |
| v4.3.3 | | |
| v4.3.2 | | |
| v4.3.1 | | |
| v4.3.0 | | | | v4.3.0 | | |
| v4.2.7 | 1.13.2 | 7.11.2 |
| v4.2.6 | 1.13.2 | 7.11.2 |
| v4.2.5 | 1.13.2 | 7.11.2 | | v4.2.5 | 1.13.2 | 7.11.2 |
| v4.2.4 | 1.13.2 | 7.11.2 | | v4.2.4 | 1.13.2 | 7.11.2 |
| v4.2.3 | 1.13.2 | 7.11.2 | | v4.2.3 | 1.13.2 | 7.11.2 |
@@ -223,7 +256,7 @@ We thank you them and everyone else who has contributed to this project.
## License and copyright ## License and copyright
Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) Wazuh Docker Copyright (C) 2017, Wazuh Inc. (License GPLv2)
## Web references ## Web references


@@ -1,2 +1,2 @@
WAZUH-DOCKER_VERSION="4.3.0" WAZUH-DOCKER_VERSION="4.7.5"
REVISION="43100" REVISION="40720"


@@ -1,7 +1,32 @@
# Wazuh Docker Image Builder # Wazuh Docker Image Builder
This stack allows you to build the Wazuh manager, indexer, and dashboard images locally by running the command: The creation of the images for the Wazuh stack deployment in Docker is done with the build-images.yml script
To execute the process, the following must be executed in the root of the wazuh-docker repository:
``` ```
$ docker-compose build $ build-docker-images/build-images.sh
```
This script initializes the environment variables needed to build each of the images.
The script allows you to build images from other versions of Wazuh, to do this you must use the -v or --version argument:
```
$ build-docker-images/build-images.sh -v 4.5.2
```
To get all the available script options use the -h or --help option:
```
$ build-docker-images/build-images.sh -h
Usage: build-docker-images/build-images.sh [OPTIONS]
-d, --dev <ref> [Optional] Set the development stage you want to build, example rc1 or beta1, not used by default.
-f, --filebeat-module <ref> [Optional] Set Filebeat module version. By default 0.3.
-r, --revision <rev> [Optional] Package revision. By default 1
-v, --version <ver> [Optional] Set the Wazuh version should be builded. By default, 4.7.5.
-h, --help Show this help.
``` ```


@@ -0,0 +1,144 @@
WAZUH_IMAGE_VERSION=4.7.5
WAZUH_VERSION=$(echo $WAZUH_IMAGE_VERSION | sed -e 's/\.//g')
WAZUH_TAG_REVISION=1
WAZUH_CURRENT_VERSION=$(curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '\"tag_name\":' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 2- | sed -e 's/\.//g')
IMAGE_VERSION=${WAZUH_IMAGE_VERSION}
# Wazuh package generator
# Copyright (C) 2023, Wazuh Inc.
#
# This program is a free software; you can redistribute it
# and/or modify it under the terms of the GNU General Public
# License (version 2) as published by the FSF - Free Software
# Foundation.
WAZUH_IMAGE_VERSION="4.7.5"
WAZUH_TAG_REVISION="1"
WAZUH_DEV_STAGE=""
FILEBEAT_MODULE_VERSION="0.3"
# -----------------------------------------------------------------------------
trap ctrl_c INT
clean() {
exit_code=$1
exit ${exit_code}
}
ctrl_c() {
clean 1
}
# -----------------------------------------------------------------------------
build() {
WAZUH_VERSION="$(echo $WAZUH_IMAGE_VERSION | sed -e 's/\.//g')"
FILEBEAT_TEMPLATE_BRANCH="${WAZUH_IMAGE_VERSION}"
WAZUH_FILEBEAT_MODULE="wazuh-filebeat-${FILEBEAT_MODULE_VERSION}.tar.gz"
WAZUH_UI_REVISION="${WAZUH_TAG_REVISION}"
if [ "${WAZUH_DEV_STAGE}" ];then
FILEBEAT_TEMPLATE_BRANCH="v${FILEBEAT_TEMPLATE_BRANCH}-${WAZUH_DEV_STAGE,,}"
if ! curl --output /dev/null --silent --head --fail "https://github.com/wazuh/wazuh/tree/${FILEBEAT_TEMPLATE_BRANCH}"; then
echo "The indicated branch does not exist in the wazuh/wazuh repository: ${FILEBEAT_TEMPLATE_BRANCH}"
clean 1
fi
else
if curl --output /dev/null --silent --head --fail "https://github.com/wazuh/wazuh/tree/v${FILEBEAT_TEMPLATE_BRANCH}"; then
FILEBEAT_TEMPLATE_BRANCH="v${FILEBEAT_TEMPLATE_BRANCH}"
elif curl --output /dev/null --silent --head --fail "https://github.com/wazuh/wazuh/tree/${FILEBEAT_TEMPLATE_BRANCH}"; then
FILEBEAT_TEMPLATE_BRANCH="${FILEBEAT_TEMPLATE_BRANCH}"
else
WAZUH_MASTER_VERSION="$(curl -s https://raw.githubusercontent.com/wazuh/wazuh/master/src/VERSION | sed -e 's/v//g')"
if [ "${FILEBEAT_TEMPLATE_BRANCH}" == "${WAZUH_MASTER_VERSION}" ]; then
FILEBEAT_TEMPLATE_BRANCH="master"
else
echo "The indicated branch does not exist in the wazuh/wazuh repository: ${FILEBEAT_TEMPLATE_BRANCH}"
clean 1
fi
fi
fi
echo WAZUH_VERSION=$WAZUH_IMAGE_VERSION > .env
echo WAZUH_IMAGE_VERSION=$WAZUH_IMAGE_VERSION >> .env
echo WAZUH_TAG_REVISION=$WAZUH_TAG_REVISION >> .env
echo FILEBEAT_TEMPLATE_BRANCH=$FILEBEAT_TEMPLATE_BRANCH >> .env
echo WAZUH_FILEBEAT_MODULE=$WAZUH_FILEBEAT_MODULE >> .env
echo WAZUH_UI_REVISION=$WAZUH_UI_REVISION >> .env
docker-compose -f build-docker-images/build-images.yml --env-file .env build --no-cache
return 0
}
# -----------------------------------------------------------------------------
help() {
echo
echo "Usage: $0 [OPTIONS]"
echo
echo " -d, --dev <ref> [Optional] Set the development stage you want to build, example rc1 or beta1, not used by default."
echo " -f, --filebeat-module <ref> [Optional] Set Filebeat module version. By default ${FILEBEAT_MODULE_VERSION}."
echo " -r, --revision <rev> [Optional] Package revision. By default ${WAZUH_TAG_REVISION}"
echo " -v, --version <ver> [Optional] Set the Wazuh version should be builded. By default, ${WAZUH_IMAGE_VERSION}."
echo " -h, --help Show this help."
echo
exit $1
}
# -----------------------------------------------------------------------------
main() {
while [ -n "${1}" ]
do
case "${1}" in
"-h"|"--help")
help 0
;;
"-d"|"--dev")
if [ -n "${2}" ]; then
WAZUH_DEV_STAGE="${2}"
shift 2
else
help 1
fi
;;
"-f"|"--filebeat-module")
if [ -n "${2}" ]; then
FILEBEAT_MODULE_VERSION="${2}"
shift 2
else
help 1
fi
;;
"-r"|"--revision")
if [ -n "${2}" ]; then
WAZUH_TAG_REVISION="${2}"
shift 2
else
help 1
fi
;;
"-v"|"--version")
if [ -n "$2" ]; then
WAZUH_IMAGE_VERSION="$2"
shift 2
else
help 1
fi
;;
*)
help 1
esac
done
build || clean 1
clean 0
}
main "$@"
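Review bot: `build()` ends with the `docker-compose ... build --no-cache` call followed by an unconditional `return 0`, so a failed image build is reported as success and `build || clean 1` in `main` can never fire for it. The Trivy workflows on this page run this script as their "Build Wazuh images" step, so the scan step would still run after a failed build; which image it would then scan cannot be determined from this page. Propagate the status instead: `docker-compose -f build-docker-images/build-images.yml --env-file .env build --no-cache || return 1`, and drop the trailing `return 0`.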


@@ -1,10 +1,16 @@
# Wazuh App Copyright (C) 2021 Wazuh Inc. (License GPLv2) # Wazuh App Copyright (C) 2017, Wazuh Inc. (License GPLv2)
version: '3.7' version: '3.7'
services: services:
wazuh.manager: wazuh.manager:
build: wazuh-manager/ build:
image: wazuh/wazuh-manager:4.3.0 context: wazuh-manager/
args:
WAZUH_VERSION: ${WAZUH_VERSION}
WAZUH_TAG_REVISION: ${WAZUH_TAG_REVISION}
FILEBEAT_TEMPLATE_BRANCH: ${FILEBEAT_TEMPLATE_BRANCH}
WAZUH_FILEBEAT_MODULE: ${WAZUH_FILEBEAT_MODULE}
image: wazuh/wazuh-manager:${WAZUH_IMAGE_VERSION}
hostname: wazuh.manager hostname: wazuh.manager
restart: always restart: always
ports: ports:
@@ -31,8 +37,12 @@ services:
- filebeat_var:/var/lib/filebeat - filebeat_var:/var/lib/filebeat
wazuh.indexer: wazuh.indexer:
build: wazuh-indexer/ build:
image: wazuh/wazuh-indexer:4.3.0 context: wazuh-indexer/
args:
WAZUH_VERSION: ${WAZUH_VERSION}
WAZUH_TAG_REVISION: ${WAZUH_TAG_REVISION}
image: wazuh/wazuh-indexer:${WAZUH_IMAGE_VERSION}
hostname: wazuh.indexer hostname: wazuh.indexer
restart: always restart: always
ports: ports:
@@ -48,8 +58,13 @@ services:
hard: 65536 hard: 65536
wazuh.dashboard: wazuh.dashboard:
build: wazuh-dashboard/ build:
image: wazuh/wazuh-dashboard:4.3.0 context: wazuh-dashboard/
args:
WAZUH_VERSION: ${WAZUH_VERSION}
WAZUH_TAG_REVISION: ${WAZUH_TAG_REVISION}
WAZUH_UI_REVISION: ${WAZUH_UI_REVISION}
image: wazuh/wazuh-dashboard:${WAZUH_IMAGE_VERSION}
hostname: wazuh.dashboard hostname: wazuh.dashboard
restart: always restart: always
ports: ports:
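Review bot: The new `image:` and `args:` values interpolate `${WAZUH_IMAGE_VERSION}`, `${WAZUH_VERSION}` and the other variables with no fallback, so running this file without the `.env` written by `build-images.sh` substitutes empty strings and only prints a warning. Compose's required-variable form turns that into a hard error, e.g. `image: wazuh/wazuh-manager:${WAZUH_IMAGE_VERSION:?run build-images.sh first}`. The dashboard Dockerfile in this change also declares `ARG WAZUH_VERSION` without a default, so an empty value would flow straight into the download URL built in `dl_base.sh`. Each service definition continues outside the hunks shown.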


@@ -1,8 +1,10 @@
# Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) # Wazuh Docker Copyright (C) 2017, Wazuh Inc. (License GPLv2)
FROM ubuntu:focal AS builder FROM ubuntu:focal AS builder
ARG WAZUH_VERSION=4.3.0 ARG WAZUH_VERSION
ARG WAZUH_TAG_REVISION
ARG INSTALL_DIR=/usr/share/wazuh-dashboard ARG INSTALL_DIR=/usr/share/wazuh-dashboard
ARG WAZUH_UI_REVISION
# Update and install dependencies # Update and install dependencies
RUN apt-get update && apt install curl libcap2-bin xz-utils -y RUN apt-get update && apt install curl libcap2-bin xz-utils -y
@@ -11,21 +13,17 @@ RUN apt-get update && apt install curl libcap2-bin xz-utils -y
RUN mkdir -p $INSTALL_DIR RUN mkdir -p $INSTALL_DIR
# Download and extract Wazuh dashboard base # Download and extract Wazuh dashboard base
RUN curl -o wazuh-dashboard-base.tar.xz https://packages-dev.wazuh.com/stack/dashboard/base/wazuh-dashboard-base-${WAZUH_VERSION}-linux-x64.tar.xz && \ COPY config/dl_base.sh .
tar -xf wazuh-dashboard-base.tar.xz --directory $INSTALL_DIR --strip-components=1 RUN bash dl_base.sh
# Generate certificates # Generate certificates
COPY config/config.sh . COPY config/config.sh .
COPY config/config.yml / COPY config/config.yml /
RUN bash config.sh RUN bash config.sh
# Create and configure Wazuh dashboard keystore COPY config/install_wazuh_app.sh /
RUN $INSTALL_DIR/bin/opensearch-dashboards-keystore create --allow-root && \ RUN chmod 775 /install_wazuh_app.sh
echo kibanaserver | $INSTALL_DIR/bin/opensearch-dashboards-keystore add opensearch.username --stdin --allow-root && \ RUN bash /install_wazuh_app.sh
echo kibanaserver | $INSTALL_DIR/bin/opensearch-dashboards-keystore add opensearch.password --stdin --allow-root
# Install Wazuh App
RUN $INSTALL_DIR/bin/opensearch-dashboards-plugin install https://packages-dev.wazuh.com/pre-release/ui/dashboard/wazuh-${WAZUH_VERSION}.zip --allow-root
# Copy and set permissions to config files # Copy and set permissions to config files
COPY config/opensearch_dashboards.yml $INSTALL_DIR/config/ COPY config/opensearch_dashboards.yml $INSTALL_DIR/config/
@@ -68,6 +66,8 @@ ENV PATTERN="" \
EXTENSIONS_CISCAT="" \ EXTENSIONS_CISCAT="" \
EXTENSIONS_AWS="" \ EXTENSIONS_AWS="" \
EXTENSIONS_GCP="" \ EXTENSIONS_GCP="" \
EXTENSIONS_GITHUB=""\
EXTENSIONS_OFFICE=""\
EXTENSIONS_VIRUSTOTAL="" \ EXTENSIONS_VIRUSTOTAL="" \
EXTENSIONS_OSQUERY="" \ EXTENSIONS_OSQUERY="" \
EXTENSIONS_DOCKER="" \ EXTENSIONS_DOCKER="" \
@@ -101,6 +101,10 @@ RUN chown 1000:1000 /*.sh
# Copy Install dir from builder to current image # Copy Install dir from builder to current image
COPY --from=builder --chown=1000:1000 $INSTALL_DIR $INSTALL_DIR COPY --from=builder --chown=1000:1000 $INSTALL_DIR $INSTALL_DIR
# Create custom directory
RUN mkdir -p /usr/share/wazuh-dashboard/plugins/wazuh/public/assets/custom
RUN chown 1000:1000 /usr/share/wazuh-dashboard/plugins/wazuh/public/assets/custom
# Set workdir and user # Set workdir and user
WORKDIR $INSTALL_DIR WORKDIR $INSTALL_DIR
USER wazuh-dashboard USER wazuh-dashboard
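Review bot: `RUN chmod 775 /install_wazuh_app.sh` makes the installer group-writable, and the next line runs it as `bash /install_wazuh_app.sh`, which does not need the execute bit at all. Drop the chmod, or use `RUN chmod 755 /install_wazuh_app.sh` if something outside these hunks executes the file directly. The two added `ENV` lines, `EXTENSIONS_GITHUB=""\` and `EXTENSIONS_OFFICE=""\`, also lack the space before the backslash that the neighbouring lines use; this is harmless but worth aligning.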


@@ -1,4 +1,4 @@
# Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) # Wazuh Docker Copyright (C) 2017, Wazuh Inc. (License GPLv2)
# This has to be exported to make some magic below work. # This has to be exported to make some magic below work.
export DH_OPTIONS export DH_OPTIONS
@@ -9,8 +9,8 @@ export CONFIG_DIR=${INSTALLATION_DIR}/config
## Variables ## Variables
CERT_TOOL=wazuh-certs-tool.sh CERT_TOOL=wazuh-certs-tool.sh
PACKAGES_URL=https://packages.wazuh.com/4.3/ PACKAGES_URL=https://packages.wazuh.com/4.7/
PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.3/ PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.7/
## Check if the cert tool exists in S3 buckets ## Check if the cert tool exists in S3 buckets
CERT_TOOL_PACKAGES=$(curl --silent -I $PACKAGES_URL$CERT_TOOL | grep -E "^HTTP" | awk '{print $2}') CERT_TOOL_PACKAGES=$(curl --silent -I $PACKAGES_URL$CERT_TOOL | grep -E "^HTTP" | awk '{print $2}')


@@ -0,0 +1,25 @@
REPOSITORY="packages.wazuh.com/4.x"
WAZUH_CURRENT_VERSION=$(curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '\"tag_name\":' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 2-)
MAJOR_BUILD=$(echo $WAZUH_VERSION | cut -d. -f1)
MID_BUILD=$(echo $WAZUH_VERSION | cut -d. -f2)
MINOR_BUILD=$(echo $WAZUH_VERSION | cut -d. -f3)
MAJOR_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f1)
MID_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f2)
MINOR_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f3)
## check version to use the correct repository
if [ "$MAJOR_BUILD" -gt "$MAJOR_CURRENT" ]; then
REPOSITORY="packages-dev.wazuh.com/pre-release"
elif [ "$MAJOR_BUILD" -eq "$MAJOR_CURRENT" ]; then
if [ "$MID_BUILD" -gt "$MID_CURRENT" ]; then
REPOSITORY="packages-dev.wazuh.com/pre-release"
elif [ "$MID_BUILD" -eq "$MID_CURRENT" ]; then
if [ "$MINOR_BUILD" -gt "$MINOR_CURRENT" ]; then
REPOSITORY="packages-dev.wazuh.com/pre-release"
fi
fi
fi
curl -o wazuh-dashboard-base.tar.xz https://${REPOSITORY}/stack/dashboard/wazuh-dashboard-base-${WAZUH_VERSION}-${WAZUH_TAG_REVISION}-linux-x64.tar.xz
tar -xf wazuh-dashboard-base.tar.xz --directory $INSTALL_DIR --strip-components=1
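Review bot: The repository choice and the download both fail open: if the unauthenticated GitHub API call on the `WAZUH_CURRENT_VERSION=` line returns nothing (rate limit, no network), every `-gt`/`-eq` test errors out and the script silently stays on `packages.wazuh.com/4.x`, and `curl -o` without `--fail` then saves whatever the server answered for `tar` to trip over. I would stop early with `[ -n "$WAZUH_CURRENT_VERSION" ] || { echo "cannot resolve latest Wazuh release" >&2; exit 1; }` and fetch with `curl --fail --silent --show-error -o wazuh-dashboard-base.tar.xz …`. Nothing here checks the tarball against a published digest before it is unpacked into `$INSTALL_DIR`, which is worth adding if the package bucket publishes one. The same comparison block is repeated in the later new files that set `WAZUH_APP`, `APT_KEY`/`REPOSITORY` and the filebeat-module `REPOSITORY`, and in the indexer build script, so the fix applies there too and a shared helper would keep the copies from drifting.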


@@ -1,10 +1,20 @@
#!/bin/bash #!/bin/bash
# Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) # Wazuh Docker Copyright (C) 2017, Wazuh Inc. (License GPLv2)
INSTALL_DIR=/usr/share/wazuh-dashboard
DASHBOARD_USERNAME="${DASHBOARD_USERNAME:-kibanaserver}"
DASHBOARD_PASSWORD="${DASHBOARD_PASSWORD:-kibanaserver}"
# Create and configure Wazuh dashboard keystore
yes | $INSTALL_DIR/bin/opensearch-dashboards-keystore create --allow-root && \
echo $DASHBOARD_USERNAME | $INSTALL_DIR/bin/opensearch-dashboards-keystore add opensearch.username --stdin --allow-root && \
echo $DASHBOARD_PASSWORD | $INSTALL_DIR/bin/opensearch-dashboards-keystore add opensearch.password --stdin --allow-root
############################################################################## ##############################################################################
# Start Wazuh dashboard # Start Wazuh dashboard
############################################################################## ##############################################################################
/wazuh_app_config.sh /wazuh_app_config.sh $WAZUH_UI_REVISION
/usr/share/wazuh-dashboard/bin/opensearch-dashboards -c /usr/share/wazuh-dashboard/config/opensearch_dashboards.yml /usr/share/wazuh-dashboard/bin/opensearch-dashboards -c /usr/share/wazuh-dashboard/config/opensearch_dashboards.yml
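Review bot: The two keystore lines pipe the credentials through an unquoted `echo`, so a value containing whitespace runs, glob characters or a leading `-n`/`-e` is altered before it reaches the keystore. `printf '%s\n' "$DASHBOARD_PASSWORD" | $INSTALL_DIR/bin/opensearch-dashboards-keystore add opensearch.password --stdin --allow-root` (and the same form for the username) passes it through unchanged. The `:-kibanaserver` fallbacks also mean a container started without `DASHBOARD_PASSWORD` comes up on a well-known default credential with no message; a warning on stderr when the fallback is taken would make that visible to the operator.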


@@ -0,0 +1,25 @@
## variables
WAZUH_APP=https://packages.wazuh.com/4.x/ui/dashboard/wazuh-${WAZUH_VERSION}-${WAZUH_UI_REVISION}.zip
WAZUH_CURRENT_VERSION=$(curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '\"tag_name\":' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 2-)
MAJOR_BUILD=$(echo $WAZUH_VERSION | cut -d. -f1)
MID_BUILD=$(echo $WAZUH_VERSION | cut -d. -f2)
MINOR_BUILD=$(echo $WAZUH_VERSION | cut -d. -f3)
MAJOR_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f1)
MID_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f2)
MINOR_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f3)
## check version to use the correct repository
if [ "$MAJOR_BUILD" -gt "$MAJOR_CURRENT" ]; then
WAZUH_APP=https://packages-dev.wazuh.com/pre-release/ui/dashboard/wazuh-${WAZUH_VERSION}-${WAZUH_UI_REVISION}.zip
elif [ "$MAJOR_BUILD" -eq "$MAJOR_CURRENT" ]; then
if [ "$MID_BUILD" -gt "$MID_CURRENT" ]; then
WAZUH_APP=https://packages-dev.wazuh.com/pre-release/ui/dashboard/wazuh-${WAZUH_VERSION}-${WAZUH_UI_REVISION}.zip
elif [ "$MID_BUILD" -eq "$MID_CURRENT" ]; then
if [ "$MINOR_BUILD" -gt "$MINOR_CURRENT" ]; then
WAZUH_APP=https://packages-dev.wazuh.com/pre-release/ui/dashboard/wazuh-${WAZUH_VERSION}-${WAZUH_UI_REVISION}.zip
fi
fi
fi
# Install Wazuh App
$INSTALL_DIR/bin/opensearch-dashboards-plugin install $WAZUH_APP --allow-root


@@ -1,5 +1,5 @@
server.host: 0.0.0.0 server.host: 0.0.0.0
server.port: 443 server.port: 5601
opensearch.hosts: https://wazuh.indexer:9200 opensearch.hosts: https://wazuh.indexer:9200
opensearch.ssl.verificationMode: none opensearch.ssl.verificationMode: none
opensearch.requestHeadersWhitelist: [ authorization,securitytenant ] opensearch.requestHeadersWhitelist: [ authorization,securitytenant ]
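Review bot: `opensearch.ssl.verificationMode: none` stays on the new side, so the dashboard still accepts any certificate presented by `wazuh.indexer` and the `https://` in `opensearch.hosts` gives no assurance about who is on the other end. This line is unchanged context rather than part of the port change, but the indexer image in this comparison ships a `root-ca.pem`, so it may be possible to use `opensearch.ssl.verificationMode: certificate` together with `opensearch.ssl.certificateAuthorities` pointing at that CA. If `none` has to remain for the demo certificates, a comment saying so above the line would stop it being copied into production configs.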


@@ -1,7 +1,7 @@
--- ---
# #
# Wazuh app - App configuration file # Wazuh app - App configuration file
# Copyright (C) 2015-2021 Wazuh, Inc. # Copyright (C) 2017, Wazuh Inc.
# #
# This program is free software; you can redistribute it and/or modify # This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by # it under the terms of the GNU General Public License as published by
@@ -16,7 +16,7 @@
# https://documentation.wazuh.com/current/installation-guide/index.html # https://documentation.wazuh.com/current/installation-guide/index.html
# #
# Also, you can check our repository: # Also, you can check our repository:
# https://github.com/wazuh/wazuh-kibana-app # https://github.com/wazuh/wazuh-dashboard-plugins
# #
# ------------------------------- Index patterns ------------------------------- # ------------------------------- Index patterns -------------------------------
# #


@@ -1,5 +1,5 @@
#!/bin/bash #!/bin/bash
# Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) # Wazuh Docker Copyright (C) 2017, Wazuh Inc. (License GPLv2)
wazuh_url="${WAZUH_API_URL:-https://wazuh}" wazuh_url="${WAZUH_API_URL:-https://wazuh}"
wazuh_port="${API_PORT:-55000}" wazuh_port="${API_PORT:-55000}"
@@ -25,6 +25,8 @@ declare -A CONFIG_MAP=(
[extensions.ciscat]=$EXTENSIONS_CISCAT [extensions.ciscat]=$EXTENSIONS_CISCAT
[extensions.aws]=$EXTENSIONS_AWS [extensions.aws]=$EXTENSIONS_AWS
[extensions.gcp]=$EXTENSIONS_GCP [extensions.gcp]=$EXTENSIONS_GCP
[extensions.github]=$EXTENSIONS_GITHUB
[extensions.office]=$EXTENSIONS_OFFICE
[extensions.virustotal]=$EXTENSIONS_VIRUSTOTAL [extensions.virustotal]=$EXTENSIONS_VIRUSTOTAL
[extensions.osquery]=$EXTENSIONS_OSQUERY [extensions.osquery]=$EXTENSIONS_OSQUERY
[extensions.docker]=$EXTENSIONS_DOCKER [extensions.docker]=$EXTENSIONS_DOCKER


@@ -1,6 +1,9 @@
# Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) # Wazuh Docker Copyright (C) 2017, Wazuh Inc. (License GPLv2)
FROM ubuntu:focal AS builder FROM ubuntu:focal AS builder
ARG WAZUH_VERSION
ARG WAZUH_TAG_REVISION
RUN apt-get update -y && apt-get install curl openssl xz-utils -y RUN apt-get update -y && apt-get install curl openssl xz-utils -y
COPY config/opensearch.yml / COPY config/opensearch.yml /
@@ -56,14 +59,15 @@ COPY --from=builder --chown=0:0 /debian/wazuh-indexer/usr/lib/systemd /usr/lib/s
COPY --from=builder --chown=0:0 /debian/wazuh-indexer/usr/lib/sysctl.d /usr/lib/sysctl.d COPY --from=builder --chown=0:0 /debian/wazuh-indexer/usr/lib/sysctl.d /usr/lib/sysctl.d
COPY --from=builder --chown=0:0 /debian/wazuh-indexer/usr/lib/tmpfiles.d /usr/lib/tmpfiles.d COPY --from=builder --chown=0:0 /debian/wazuh-indexer/usr/lib/tmpfiles.d /usr/lib/tmpfiles.d
RUN chown -R 1000:1000 /usr/share/wazuh-indexer
RUN mkdir -p /var/lib/wazuh-indexer && chown 1000:1000 /var/lib/wazuh-indexer && \ RUN mkdir -p /var/lib/wazuh-indexer && chown 1000:1000 /var/lib/wazuh-indexer && \
mkdir -p /usr/share/wazuh-indexer/logs && chown 1000:1000 /usr/share/wazuh-indexer/logs && \ mkdir -p /usr/share/wazuh-indexer/logs && chown 1000:1000 /usr/share/wazuh-indexer/logs && \
mkdir -p /run/wazuh-indexer && chown 1000:1000 /run/wazuh-indexer && \ mkdir -p /run/wazuh-indexer && chown 1000:1000 /run/wazuh-indexer && \
mkdir -p /var/log/wazuh-indexer && chown 1000:1000 /var/log/wazuh-indexer && \ mkdir -p /var/log/wazuh-indexer && chown 1000:1000 /var/log/wazuh-indexer && \
chmod 700 /usr/share/wazuh-indexer/config && \ chmod 700 /usr/share/wazuh-indexer && \
chmod 600 /usr/share/wazuh-indexer/config/jvm.options && \ chmod 600 /usr/share/wazuh-indexer/jvm.options && \
chmod 600 /usr/share/wazuh-indexer/config/opensearch.yml chmod 600 /usr/share/wazuh-indexer/opensearch.yml
USER wazuh-indexer USER wazuh-indexer
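Review bot: The added `RUN chown -R 1000:1000 /usr/share/wazuh-indexer` hands the whole installation tree, including `bin/`, `jdk/` and `plugins/`, to the account the service runs as, so a compromised indexer process could rewrite its own binaries. It looks like a consequence of moving the config files from `config/` into the installation root (the `chmod` lines now target `/usr/share/wazuh-indexer` itself), which forces that directory to be writable for the keystore. Keeping the writable files in a dedicated subdirectory and leaving the rest root-owned would preserve the separation; the `COPY` that populates the directory is outside these hunks, so its ownership flags cannot be checked here. As written, the recursive `chown` in its own `RUN` also duplicates every file into a new layer.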


@@ -1,4 +1,4 @@
# Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) # Wazuh Docker Copyright (C) 2017, Wazuh Inc. (License GPLv2)
# This has to be exported to make some magic below work. # This has to be exported to make some magic below work.
export DH_OPTIONS export DH_OPTIONS
@@ -8,21 +8,44 @@ export TARGET_DIR=${CURDIR}/debian/${NAME}
# Package build options # Package build options
export USER=${NAME} export USER=${NAME}
export GROUP=${NAME} export GROUP=${NAME}
export VERSION=4.3.0 export VERSION=${WAZUH_VERSION}-${WAZUH_TAG_REVISION}
export LOG_DIR=/var/log/${NAME} export LOG_DIR=/var/log/${NAME}
export LIB_DIR=/var/lib/${NAME} export LIB_DIR=/var/lib/${NAME}
export PID_DIR=/run/${NAME} export PID_DIR=/run/${NAME}
export INSTALLATION_DIR=/usr/share/${NAME} export INSTALLATION_DIR=/usr/share/${NAME}
export CONFIG_DIR=${INSTALLATION_DIR}/config export CONFIG_DIR=${INSTALLATION_DIR}
export BASE_DIR=${NAME}-* export BASE_DIR=${NAME}-*
export INDEXER_FILE=wazuh-indexer-base.tar.xz export INDEXER_FILE=wazuh-indexer-base.tar.xz
export BASE_FILE=wazuh-indexer-base-${VERSION}-linux-x64.tar.xz export BASE_FILE=wazuh-indexer-base-${VERSION}-linux-x64.tar.xz
export REPO_DIR=/unattended_installer export REPO_DIR=/unattended_installer
rm -rf ${INSTALLATION_DIR}/ rm -rf ${INSTALLATION_DIR}/
curl -o ${INDEXER_FILE} https://packages-dev.wazuh.com/stack/indexer/base/${BASE_FILE} ## variables
REPOSITORY="packages.wazuh.com/4.x"
WAZUH_CURRENT_VERSION=$(curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '\"tag_name\":' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 2-)
MAJOR_BUILD=$(echo $WAZUH_VERSION | cut -d. -f1)
MID_BUILD=$(echo $WAZUH_VERSION | cut -d. -f2)
MINOR_BUILD=$(echo $WAZUH_VERSION | cut -d. -f3)
MAJOR_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f1)
MID_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f2)
MINOR_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f3)
## check version to use the correct repository
if [ "$MAJOR_BUILD" -gt "$MAJOR_CURRENT" ]; then
REPOSITORY="packages-dev.wazuh.com/pre-release"
elif [ "$MAJOR_BUILD" -eq "$MAJOR_CURRENT" ]; then
if [ "$MID_BUILD" -gt "$MID_CURRENT" ]; then
REPOSITORY="packages-dev.wazuh.com/pre-release"
elif [ "$MID_BUILD" -eq "$MID_CURRENT" ]; then
if [ "$MINOR_BUILD" -gt "$MINOR_CURRENT" ]; then
REPOSITORY="packages-dev.wazuh.com/pre-release"
fi
fi
fi
curl -o ${INDEXER_FILE} https://${REPOSITORY}/stack/indexer/${BASE_FILE}
tar -xf ${INDEXER_FILE} tar -xf ${INDEXER_FILE}
## TOOLS ## TOOLS
@@ -30,8 +53,8 @@ tar -xf ${INDEXER_FILE}
## Variables ## Variables
CERT_TOOL=wazuh-certs-tool.sh CERT_TOOL=wazuh-certs-tool.sh
PASSWORD_TOOL=wazuh-passwords-tool.sh PASSWORD_TOOL=wazuh-passwords-tool.sh
PACKAGES_URL=https://packages.wazuh.com/4.3/ PACKAGES_URL=https://packages.wazuh.com/4.7/
PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.3/ PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.7/
## Check if the cert tool exists in S3 buckets ## Check if the cert tool exists in S3 buckets
CERT_TOOL_PACKAGES=$(curl --silent -I $PACKAGES_URL$CERT_TOOL | grep -E "^HTTP" | awk '{print $2}') CERT_TOOL_PACKAGES=$(curl --silent -I $PACKAGES_URL$CERT_TOOL | grep -E "^HTTP" | awk '{print $2}')
@@ -70,6 +93,7 @@ chmod 755 $CERT_TOOL && bash /$CERT_TOOL -A
# copy to target # copy to target
mkdir -p ${TARGET_DIR}${INSTALLATION_DIR} mkdir -p ${TARGET_DIR}${INSTALLATION_DIR}
mkdir -p ${TARGET_DIR}${INSTALLATION_DIR}/opensearch-security/
mkdir -p ${TARGET_DIR}${CONFIG_DIR} mkdir -p ${TARGET_DIR}${CONFIG_DIR}
mkdir -p ${TARGET_DIR}${LIB_DIR} mkdir -p ${TARGET_DIR}${LIB_DIR}
mkdir -p ${TARGET_DIR}${LOG_DIR} mkdir -p ${TARGET_DIR}${LOG_DIR}
@@ -94,9 +118,9 @@ cp -pr ${BASE_DIR}/* ${TARGET_DIR}${INSTALLATION_DIR}
cp /$CERT_TOOL ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/tools/ cp /$CERT_TOOL ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/tools/
cp /$PASSWORD_TOOL ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/tools/ cp /$PASSWORD_TOOL ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/tools/
# Copy Wazuh's config files for the security plugin # Copy Wazuh's config files for the security plugin
cp -pr /roles_mapping.yml ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/securityconfig/ cp -pr /roles_mapping.yml ${TARGET_DIR}${INSTALLATION_DIR}/opensearch-security/
cp -pr /roles.yml ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/securityconfig/ cp -pr /roles.yml ${TARGET_DIR}${INSTALLATION_DIR}/opensearch-security/
cp -pr /internal_users.yml ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/securityconfig/ cp -pr /internal_users.yml ${TARGET_DIR}${INSTALLATION_DIR}/opensearch-security/
cp -pr /opensearch.yml ${TARGET_DIR}${CONFIG_DIR} cp -pr /opensearch.yml ${TARGET_DIR}${CONFIG_DIR}
# Copy Wazuh indexer's certificates # Copy Wazuh indexer's certificates
cp -pr /wazuh-certificates/demo.indexer.pem ${TARGET_DIR}${CONFIG_DIR}/certs/indexer.pem cp -pr /wazuh-certificates/demo.indexer.pem ${TARGET_DIR}${CONFIG_DIR}/certs/indexer.pem
@@ -106,5 +130,17 @@ cp -pr /wazuh-certificates/root-ca.pem ${TARGET_DIR}${CONFIG_DIR}/certs/root-ca.
cp -pr /wazuh-certificates/admin.pem ${TARGET_DIR}${CONFIG_DIR}/certs/admin.pem cp -pr /wazuh-certificates/admin.pem ${TARGET_DIR}${CONFIG_DIR}/certs/admin.pem
cp -pr /wazuh-certificates/admin-key.pem ${TARGET_DIR}${CONFIG_DIR}/certs/admin-key.pem cp -pr /wazuh-certificates/admin-key.pem ${TARGET_DIR}${CONFIG_DIR}/certs/admin-key.pem
# Delete xms and xmx parameters in jvm.options
sed '/-Xms/d' -i ${TARGET_DIR}${CONFIG_DIR}/jvm.options
sed '/-Xmx/d' -i ${TARGET_DIR}${CONFIG_DIR}/jvm.options
sed -i 's/-Djava.security.policy=file:\/\/\/etc\/wazuh-indexer\/opensearch-performance-analyzer\/opensearch_security.policy/-Djava.security.policy=file:\/\/\/usr\/share\/wazuh-indexer\/opensearch-performance-analyzer\/opensearch_security.policy/g' ${TARGET_DIR}${CONFIG_DIR}/jvm.options
chmod -R 500 ${TARGET_DIR}${CONFIG_DIR}/certs chmod -R 500 ${TARGET_DIR}${CONFIG_DIR}/certs
chmod -R 400 ${TARGET_DIR}${CONFIG_DIR}/certs/* chmod -R 400 ${TARGET_DIR}${CONFIG_DIR}/certs/*
find ${TARGET_DIR} -type d -exec chmod 750 {} \;
find ${TARGET_DIR} -type f -perm 644 -exec chmod 640 {} \;
find ${TARGET_DIR} -type f -perm 664 -exec chmod 660 {} \;
find ${TARGET_DIR} -type f -perm 755 -exec chmod 750 {} \;
find ${TARGET_DIR} -type f -perm 744 -exec chmod 740 {} \;
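Review bot: The `find ${TARGET_DIR} -type d -exec chmod 750 {} \;` added in the last hunk runs after `chmod -R 500 ${TARGET_DIR}${CONFIG_DIR}/certs`, so the certs directory ends up 750 again and the 500 set two lines earlier is lost (the key files keep 400 because none of the `-perm` filters match them). Moving the two certs `chmod` lines below the `find` block, or adding `! -path "${TARGET_DIR}${CONFIG_DIR}/certs"` to the directory pass, keeps the tighter mode. The five `find` lines could also end in `{} +` instead of `{} \;` to avoid one `chmod` process per file.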


@@ -1,12 +1,12 @@
#!/usr/bin/env bash #!/usr/bin/env bash
# Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) # Wazuh Docker Copyright (C) 2017, Wazuh Inc. (License GPLv2)
set -e set -e
umask 0002 umask 0002
export USER=wazuh-indexer export USER=wazuh-indexer
export INSTALLATION_DIR=/usr/share/wazuh-indexer export INSTALLATION_DIR=/usr/share/wazuh-indexer
export OPENSEARCH_PATH_CONF=${INSTALLATION_DIR}/config export OPENSEARCH_PATH_CONF=${INSTALLATION_DIR}
export JAVA_HOME=${INSTALLATION_DIR}/jdk export JAVA_HOME=${INSTALLATION_DIR}/jdk
export DISCOVERY=$(grep -oP "(?<=discovery.type: ).*" ${OPENSEARCH_PATH_CONF}/opensearch.yml) export DISCOVERY=$(grep -oP "(?<=discovery.type: ).*" ${OPENSEARCH_PATH_CONF}/opensearch.yml)
export CACERT=$(grep -oP "(?<=plugins.security.ssl.transport.pemtrustedcas_filepath: ).*" ${OPENSEARCH_PATH_CONF}/opensearch.yml) export CACERT=$(grep -oP "(?<=plugins.security.ssl.transport.pemtrustedcas_filepath: ).*" ${OPENSEARCH_PATH_CONF}/opensearch.yml)
@@ -59,7 +59,7 @@ if [[ -f bin/opensearch-users ]]; then
# enabled, but we have no way of knowing which node we are yet. We'll just # enabled, but we have no way of knowing which node we are yet. We'll just
# honor the variable if it's present. # honor the variable if it's present.
if [[ -n "$INDEXER_PASSWORD" ]]; then if [[ -n "$INDEXER_PASSWORD" ]]; then
[[ -f /usr/share/wazuh-indexer/config/opensearch.keystore ]] || (run_as_other_user_if_needed opensearch-keystore create) [[ -f /usr/share/wazuh-indexer/opensearch.keystore ]] || (run_as_other_user_if_needed opensearch-keystore create)
if ! (run_as_other_user_if_needed opensearch-keystore has-passwd --silent) ; then if ! (run_as_other_user_if_needed opensearch-keystore has-passwd --silent) ; then
# keystore is unencrypted # keystore is unencrypted
if ! (run_as_other_user_if_needed opensearch-keystore list | grep -q '^bootstrap.password$'); then if ! (run_as_other_user_if_needed opensearch-keystore list | grep -q '^bootstrap.password$'); then
@@ -84,9 +84,10 @@ if [[ "$(id -u)" == "0" ]]; then
fi fi
if [[ "$DISCOVERY" == "single-node" ]]; then #if [[ "$DISCOVERY" == "single-node" ]] && [[ ! -f "/var/lib/wazuh-indexer/.flag" ]]; then
# run securityadmin.sh for single node with CACERT, CERT and KEY parameter # run securityadmin.sh for single node with CACERT, CERT and KEY parameter
nohup /securityadmin.sh & # nohup /securityadmin.sh &
fi # touch "/var/lib/wazuh-indexer/.flag"
#fi
run_as_other_user_if_needed /usr/share/wazuh-indexer/bin/opensearch <<<"$KEYSTORE_PASSWORD" run_as_other_user_if_needed /usr/share/wazuh-indexer/bin/opensearch <<<"$KEYSTORE_PASSWORD"
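Review bot: The single-node block is left in the file as commented-out code, with a new `.flag` guard that never ran, and nothing says why `securityadmin.sh` is no longer started. If the security index is now initialised some other way, delete the block and leave one line such as `# securityadmin.sh is no longer run at start-up; the security index is initialised by <mechanism>`; if the call is meant to come back, say that above it instead. As it stands the `CACERT` export near the top appears to have no consumer at start-up, though most of the script is outside these hunks.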


@@ -4,12 +4,12 @@ path.data: /var/lib/wazuh-indexer
path.logs: /var/log/wazuh-indexer path.logs: /var/log/wazuh-indexer
discovery.type: single-node discovery.type: single-node
compatibility.override_main_response_version: true compatibility.override_main_response_version: true
plugins.security.ssl.http.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/certs/indexer.pem plugins.security.ssl.http.pemcert_filepath: /usr/share/wazuh-indexer/certs/indexer.pem
plugins.security.ssl.http.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/certs/indexer-key.pem plugins.security.ssl.http.pemkey_filepath: /usr/share/wazuh-indexer/certs/indexer-key.pem
plugins.security.ssl.http.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/certs/root-ca.pem plugins.security.ssl.http.pemtrustedcas_filepath: /usr/share/wazuh-indexer/certs/root-ca.pem
plugins.security.ssl.transport.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/certs/indexer.pem plugins.security.ssl.transport.pemcert_filepath: /usr/share/wazuh-indexer/certs/indexer.pem
plugins.security.ssl.transport.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/certs/indexer-key.pem plugins.security.ssl.transport.pemkey_filepath: /usr/share/wazuh-indexer/certs/indexer-key.pem
plugins.security.ssl.transport.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/certs/root-ca.pem plugins.security.ssl.transport.pemtrustedcas_filepath: /usr/share/wazuh-indexer/certs/root-ca.pem
plugins.security.ssl.http.enabled: true plugins.security.ssl.http.enabled: true
plugins.security.ssl.transport.enforce_hostname_verification: false plugins.security.ssl.transport.enforce_hostname_verification: false
plugins.security.ssl.transport.resolve_hostname: false plugins.security.ssl.transport.resolve_hostname: false


@@ -1,3 +1,3 @@
# Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) # Wazuh Docker Copyright (C) 2017, Wazuh Inc. (License GPLv2)
sleep 30 sleep 30
bash /usr/share/wazuh-indexer/plugins/opensearch-security/tools/securityadmin.sh -cd /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/ -nhnv -cacert $CACERT -cert $CERT -key $KEY -p 9300 -icl bash /usr/share/wazuh-indexer/plugins/opensearch-security/tools/securityadmin.sh -cd /usr/share/wazuh-indexer/opensearch-security/ -nhnv -cacert $CACERT -cert $CERT -key $KEY -p 9200 -icl


@@ -1,24 +1,27 @@
# Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) # Wazuh Docker Copyright (C) 2017, Wazuh Inc. (License GPLv2)
FROM ubuntu:focal FROM ubuntu:focal
ARG WAZUH_VERSION=4.3.0 RUN rm /bin/sh && ln -s /bin/bash /bin/sh
ARG TEMPLATE_VERSION=4.3
ARG WAZUH_VERSION
ARG WAZUH_TAG_REVISION
ARG FILEBEAT_TEMPLATE_BRANCH
ARG FILEBEAT_CHANNEL=filebeat-oss ARG FILEBEAT_CHANNEL=filebeat-oss
ARG FILEBEAT_VERSION=7.10.2 ARG FILEBEAT_VERSION=7.10.2
ARG WAZUH_FILEBEAT_MODULE="wazuh-filebeat-0.1.tar.gz" ARG WAZUH_FILEBEAT_MODULE
RUN apt-get update && apt install curl apt-transport-https lsb-release gnupg -y RUN apt-get update && apt install curl apt-transport-https lsb-release gnupg -y
RUN apt-key adv --fetch-keys https://packages.wazuh.com/key/GPG-KEY-WAZUH && \ COPY config/check_repository.sh /
echo "deb https://packages.wazuh.com/4.x/apt/ stable main" | tee -a /etc/apt/sources.list.d/wazuh.list && \ RUN chmod 775 /check_repository.sh
apt-get update && \ RUN source /check_repository.sh
apt-get install wazuh-manager=${WAZUH_VERSION}-1
RUN curl -L -O https://artifacts.elastic.co/downloads/beats/filebeat/${FILEBEAT_CHANNEL}-${FILEBEAT_VERSION}-amd64.deb &&\ RUN apt-get update && \
dpkg -i ${FILEBEAT_CHANNEL}-${FILEBEAT_VERSION}-amd64.deb && rm -f ${FILEBEAT_CHANNEL}-${FILEBEAT_VERSION}-amd64.deb && \ apt-get install wazuh-manager=${WAZUH_VERSION}-${WAZUH_TAG_REVISION}
curl -s https://packages.wazuh.com/4.x/filebeat/${WAZUH_FILEBEAT_MODULE} | tar -xvz -C /usr/share/filebeat/module
RUN curl -L https://github.com/aelsabbahy/goss/releases/latest/download/goss-linux-amd64 -o /usr/local/bin/goss && chmod +rx /usr/local/bin/goss COPY config/filebeat_module.sh /
RUN chmod 775 /filebeat_module.sh
RUN source /filebeat_module.sh
ARG S6_VERSION="v2.2.0.3" ARG S6_VERSION="v2.2.0.3"
RUN curl --fail --silent -L https://github.com/just-containers/s6-overlay/releases/download/${S6_VERSION}/s6-overlay-amd64.tar.gz \ RUN curl --fail --silent -L https://github.com/just-containers/s6-overlay/releases/download/${S6_VERSION}/s6-overlay-amd64.tar.gz \
@@ -34,7 +37,7 @@ COPY config/filebeat.yml /etc/filebeat/
RUN chmod go-w /etc/filebeat/filebeat.yml RUN chmod go-w /etc/filebeat/filebeat.yml
ADD https://raw.githubusercontent.com/wazuh/wazuh/$TEMPLATE_VERSION/extensions/elasticsearch/7.x/wazuh-template.json /etc/filebeat ADD https://raw.githubusercontent.com/wazuh/wazuh/$FILEBEAT_TEMPLATE_BRANCH/extensions/elasticsearch/7.x/wazuh-template.json /etc/filebeat
RUN chmod go-w /etc/filebeat/wazuh-template.json RUN chmod go-w /etc/filebeat/wazuh-template.json
# Prepare permanent data # Prepare permanent data
@@ -45,7 +48,19 @@ RUN chmod 755 /permanent_data.sh && \
sync && /permanent_data.sh && \ sync && /permanent_data.sh && \
sync && rm /permanent_data.sh sync && rm /permanent_data.sh
#Make mount directories for keep permissions
RUN mkdir -p /var/ossec/var/multigroups && \
chown root:wazuh /var/ossec/var/multigroups && \
chmod 770 /var/ossec/var/multigroups && \
mkdir -p /var/ossec/agentless && \
chown root:wazuh /var/ossec/agentless && \
chmod 770 /var/ossec/agentless && \
mkdir -p /var/ossec/active-response/bin && \
chown root:wazuh /var/ossec/active-response/bin && \
chmod 770 /var/ossec/active-response/bin
# Services ports # Services ports
EXPOSE 55000/tcp 1514/tcp 1515/tcp 514/udp 1516/tcp EXPOSE 55000/tcp 1514/tcp 1515/tcp 514/udp 1516/tcp
ENTRYPOINT [ "/init" ] ENTRYPOINT [ "/init" ]
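Review bot: `RUN rm /bin/sh && ln -s /bin/bash /bin/sh` replaces the system shell in the finished image as well as during the build, so every script that calls `/bin/sh` at run time now gets bash. If the aim is only to make `RUN source /check_repository.sh` work, the Dockerfile instruction `SHELL ["/bin/bash", "-c"]` does that for the build steps and leaves `/bin/sh` alone. Separately, `ARG WAZUH_VERSION` lost its default and `ARG WAZUH_TAG_REVISION` has none, so a build without `--build-arg` asks apt for `wazuh-manager=-`; a short comment listing the required build arguments would help.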


@@ -0,0 +1,29 @@
## variables
APT_KEY=https://packages.wazuh.com/key/GPG-KEY-WAZUH
REPOSITORY="deb https://packages.wazuh.com/4.x/apt/ stable main"
WAZUH_CURRENT_VERSION=$(curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '\"tag_name\":' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 2-)
MAJOR_BUILD=$(echo $WAZUH_VERSION | cut -d. -f1)
MID_BUILD=$(echo $WAZUH_VERSION | cut -d. -f2)
MINOR_BUILD=$(echo $WAZUH_VERSION | cut -d. -f3)
MAJOR_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f1)
MID_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f2)
MINOR_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f3)
## check version to use the correct repository
if [ "$MAJOR_BUILD" -gt "$MAJOR_CURRENT" ]; then
APT_KEY=https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH
REPOSITORY="deb https://packages-dev.wazuh.com/pre-release/apt/ unstable main"
elif [ "$MAJOR_BUILD" -eq "$MAJOR_CURRENT" ]; then
if [ "$MID_BUILD" -gt "$MID_CURRENT" ]; then
APT_KEY=https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH
REPOSITORY="deb https://packages-dev.wazuh.com/pre-release/apt/ unstable main"
elif [ "$MID_BUILD" -eq "$MID_CURRENT" ]; then
if [ "$MINOR_BUILD" -gt "$MINOR_CURRENT" ]; then
APT_KEY=https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH
REPOSITORY="deb https://packages-dev.wazuh.com/pre-release/apt/ unstable main"
fi
fi
fi
apt-key adv --fetch-keys ${APT_KEY}
echo ${REPOSITORY} | tee -a /etc/apt/sources.list.d/wazuh.list
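Review bot: `apt-key adv --fetch-keys ${APT_KEY}` puts the downloaded key into apt's global trusted keyring, so it is accepted for every configured repository, and for pre-release builds that key comes from `packages-dev.wazuh.com`. Scoping it to this source is a small change: `curl -fsSL "${APT_KEY}" | gpg --dearmor -o /usr/share/keyrings/wazuh.gpg` and a `deb [signed-by=/usr/share/keyrings/wazuh.gpg] https://…` entry in `REPOSITORY`. `echo ${REPOSITORY}` should be quoted as well, and `tee` without `-a` avoids duplicate entries if the script is run twice.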


@@ -13,7 +13,7 @@ SPECIAL_CHARS = "@$!%*?&-_"
try: try:
from wazuh.rbac.orm import create_rbac_db from wazuh.rbac.orm import check_database_integrity
from wazuh.security import ( from wazuh.security import (
create_user, create_user,
get_users, get_users,
@@ -21,7 +21,7 @@ try:
set_user_role, set_user_role,
update_user, update_user,
) )
except Exception as e: except ModuleNotFoundError as e:
logging.error("No module 'wazuh' found.") logging.error("No module 'wazuh' found.")
sys.exit(1) sys.exit(1)
@@ -69,7 +69,7 @@ if __name__ == "__main__":
username, password = read_user_file() username, password = read_user_file()
# create RBAC database # create RBAC database
create_rbac_db() check_database_integrity()
initial_users = db_users() initial_users = db_users()
if username not in initial_users: if username not in initial_users:
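Review bot: Narrowing the handler to `except ModuleNotFoundError` means a wazuh package that is installed but does not export `check_database_integrity` raises plain `ImportError`, which is no longer caught and ends in a traceback instead of the logged exit. `except ImportError as e:` covers both cases, since ModuleNotFoundError is its subclass, and logging `e` rather than the fixed "No module 'wazuh' found." text would say which name failed. The `# create RBAC database` comment above `check_database_integrity()` is also stale now. Both the `try` block and the `__main__` body continue outside the hunks.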


@@ -1,5 +1,5 @@
#!/usr/bin/with-contenv bash #!/usr/bin/with-contenv bash
# Wazuh App Copyright (C) 2021 Wazuh Inc. (License GPLv2) # Wazuh App Copyright (C) 2017, Wazuh Inc. (License GPLv2)
# Variables # Variables
source /permanent_data.env source /permanent_data.env
@@ -179,6 +179,15 @@ set_rids_owner() {
chown -R wazuh:wazuh /var/ossec/queue/rids chown -R wazuh:wazuh /var/ossec/queue/rids
} }
##############################################################################
# Change any ossec user/group to wazuh user/group
##############################################################################
set_correct_permOwner() {
find / -group 997 -exec chown :101 {} +;
find / -user 999 -exec chown 101 {} +;
}
############################################################################## ##############################################################################
# Main function # Main function
############################################################################## ##############################################################################
@@ -189,6 +198,9 @@ main() {
# Restore files stored in permanent data that are not permanent (i.e. internal_options.conf) # Restore files stored in permanent data that are not permanent (i.e. internal_options.conf)
apply_exclusion_data apply_exclusion_data
# Apply correct permission and ownership
set_correct_permOwner
# Rename files stored in permanent data (i.e. queue/ossec) # Rename files stored in permanent data (i.e. queue/ossec)
move_data_files move_data_files
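Review bot: `set_correct_permOwner` walks the entire root filesystem twice on every container start, including `/proc`, `/sys` and any mounted volumes, and rewrites ownership by bare numeric ids (997, 999, 101) that the hunk does not explain. If the leftover ossec ownership can only live under the Wazuh tree, and 101 is the wazuh account, `find /var/ossec -group 997 -exec chown :wazuh {} +` and `find /var/ossec -user 999 -exec chown wazuh {} +` would be faster and would not touch unrelated files that happen to carry those ids. A comment stating which image versions used 997/999 would help whoever has to change them next. The trailing `;` after `+` is harmless but can go.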


@@ -1,5 +1,5 @@
#!/usr/bin/with-contenv bash #!/usr/bin/with-contenv bash
# Wazuh App Copyright (C) 2021 Wazuh Inc. (License GPLv2) # Wazuh App Copyright (C) 2017, Wazuh Inc. (License GPLv2)
set -e set -e
@@ -12,32 +12,38 @@ fi
if [ "$INDEXER_USERNAME" != "" ]; then if [ "$INDEXER_USERNAME" != "" ]; then
>&2 echo "Configuring username." >&2 echo "Configuring username."
sed -i "s|#username:.*|username: '$INDEXER_USERNAME'|g" /etc/filebeat/filebeat.yml sed -i "s|#username:.*|username:|g" /etc/filebeat/filebeat.yml
sed -i "s|username:.*|username: '$INDEXER_USERNAME'|g" /etc/filebeat/filebeat.yml
fi fi
if [ "$INDEXER_PASSWORD" != "" ]; then if [ "$INDEXER_PASSWORD" != "" ]; then
>&2 echo "Configuring password." >&2 echo "Configuring password."
sed -i "s|#password:.*|password: '$INDEXER_PASSWORD'|g" /etc/filebeat/filebeat.yml sed -i "s|#password:.*|password:|g" /etc/filebeat/filebeat.yml
sed -i "s|password:.*|password: '$INDEXER_PASSWORD'|g" /etc/filebeat/filebeat.yml
fi fi
if [ "$FILEBEAT_SSL_VERIFICATION_MODE" != "" ]; then if [ "$FILEBEAT_SSL_VERIFICATION_MODE" != "" ]; then
>&2 echo "Configuring SSL verification mode." >&2 echo "Configuring SSL verification mode."
sed -i "s|#ssl.verification_mode:.*|ssl.verification_mode: $FILEBEAT_SSL_VERIFICATION_MODE|g" /etc/filebeat/filebeat.yml sed -i "s|#ssl.verification_mode:.*|ssl.verification_mode:|g" /etc/filebeat/filebeat.yml
sed -i "s|ssl.verification_mode:.*|ssl.verification_mode: '$FILEBEAT_SSL_VERIFICATION_MODE'|g" /etc/filebeat/filebeat.yml
fi fi
if [ "$SSL_CERTIFICATE_AUTHORITIES" != "" ]; then if [ "$SSL_CERTIFICATE_AUTHORITIES" != "" ]; then
>&2 echo "Configuring Certificate Authorities." >&2 echo "Configuring Certificate Authorities."
sed -i "s|#ssl.certificate_authorities:.*|ssl.certificate_authorities: ['$SSL_CERTIFICATE_AUTHORITIES']|g" /etc/filebeat/filebeat.yml sed -i "s|#ssl.certificate_authorities:.*|ssl.certificate_authorities:|g" /etc/filebeat/filebeat.yml
sed -i "s|ssl.certificate_authorities:.*|ssl.certificate_authorities: ['$SSL_CERTIFICATE_AUTHORITIES']|g" /etc/filebeat/filebeat.yml
fi fi
if [ "$SSL_CERTIFICATE" != "" ]; then if [ "$SSL_CERTIFICATE" != "" ]; then
>&2 echo "Configuring SSL Certificate." >&2 echo "Configuring SSL Certificate."
sed -i "s|#ssl.certificate:.*|ssl.certificate: '$SSL_CERTIFICATE'|g" /etc/filebeat/filebeat.yml sed -i "s|#ssl.certificate:.*|ssl.certificate:|g" /etc/filebeat/filebeat.yml
sed -i "s|ssl.certificate:.*|ssl.certificate: '$SSL_CERTIFICATE'|g" /etc/filebeat/filebeat.yml
fi fi
if [ "$SSL_KEY" != "" ]; then if [ "$SSL_KEY" != "" ]; then
>&2 echo "Configuring SSL Key." >&2 echo "Configuring SSL Key."
sed -i "s|#ssl.key:.*|ssl.key: '$SSL_KEY'|g" /etc/filebeat/filebeat.yml sed -i "s|#ssl.key:.*|ssl.key:|g" /etc/filebeat/filebeat.yml
sed -i "s|ssl.key:.*|ssl.key: '$SSL_KEY'|g" /etc/filebeat/filebeat.yml
fi fi
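Review bot: The values are interpolated straight into the sed replacement, so an `INDEXER_PASSWORD` containing `&`, `|` or a backslash is either rewritten (`&` expands to the matched text) or breaks the expression, and a single quote in it produces invalid YAML. Escaping first, e.g. `pw=$(printf '%s' "$INDEXER_PASSWORD" | sed -e 's/[&|\\]/\\&/g')` and using `$pw` in the second `sed`, avoids the silent corruption; the same applies to the username and the SSL variables. The second pattern in each pair is also unanchored, so `s|password:.*|…|g` rewrites any line that contains `password:`; anchoring it on the start of the line and its indentation limits it to the intended key. Filebeat's own keystore would keep the password out of `filebeat.yml` altogether, if that is an option here.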


@@ -20,3 +20,12 @@ output.elasticsearch:
#ssl.certificate_authorities: #ssl.certificate_authorities:
#ssl.certificate: #ssl.certificate:
#ssl.key: #ssl.key:
logging.metrics.enabled: false
seccomp:
default_action: allow
syscalls:
- action: allow
names:
- rseq
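Review bot: With `default_action: allow` the seccomp block permits every syscall, so the `rseq` entry adds nothing, and as far as I can tell from Filebeat's seccomp settings a custom policy replaces the built-in restrictive filter rather than extending it. If this is a workaround for `rseq` being blocked, the file should say so, e.g. `# seccomp: allow-all policy so that rseq is not blocked; this turns off Filebeat's default syscall filter`. A narrower option worth testing is to keep the default policy and add only `rseq` to its allow list, so the rest of the filter stays in force.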


@@ -0,0 +1,25 @@
REPOSITORY="packages.wazuh.com/4.x"
WAZUH_CURRENT_VERSION=$(curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '\"tag_name\":' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 2-)
MAJOR_BUILD=$(echo $WAZUH_VERSION | cut -d. -f1)
MID_BUILD=$(echo $WAZUH_VERSION | cut -d. -f2)
MINOR_BUILD=$(echo $WAZUH_VERSION | cut -d. -f3)
MAJOR_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f1)
MID_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f2)
MINOR_CURRENT=$(echo $WAZUH_CURRENT_VERSION | cut -d. -f3)
## check version to use the correct repository
if [ "$MAJOR_BUILD" -gt "$MAJOR_CURRENT" ]; then
REPOSITORY="packages-dev.wazuh.com/pre-release"
elif [ "$MAJOR_BUILD" -eq "$MAJOR_CURRENT" ]; then
if [ "$MID_BUILD" -gt "$MID_CURRENT" ]; then
REPOSITORY="packages-dev.wazuh.com/pre-release"
elif [ "$MID_BUILD" -eq "$MID_CURRENT" ]; then
if [ "$MINOR_BUILD" -gt "$MINOR_CURRENT" ]; then
REPOSITORY="packages-dev.wazuh.com/pre-release"
fi
fi
fi
curl -L -O https://artifacts.elastic.co/downloads/beats/filebeat/${FILEBEAT_CHANNEL}-${FILEBEAT_VERSION}-amd64.deb &&\
dpkg -i ${FILEBEAT_CHANNEL}-${FILEBEAT_VERSION}-amd64.deb && rm -f ${FILEBEAT_CHANNEL}-${FILEBEAT_VERSION}-amd64.deb && \
curl -s https://${REPOSITORY}/filebeat/${WAZUH_FILEBEAT_MODULE} | tar -xvz -C /usr/share/filebeat/module


@@ -21,6 +21,8 @@ PERMANENT_DATA_EXCP[((i++))]="/var/ossec/integrations/slack"
PERMANENT_DATA_EXCP[((i++))]="/var/ossec/integrations/slack.py" PERMANENT_DATA_EXCP[((i++))]="/var/ossec/integrations/slack.py"
PERMANENT_DATA_EXCP[((i++))]="/var/ossec/integrations/virustotal" PERMANENT_DATA_EXCP[((i++))]="/var/ossec/integrations/virustotal"
PERMANENT_DATA_EXCP[((i++))]="/var/ossec/integrations/virustotal.py" PERMANENT_DATA_EXCP[((i++))]="/var/ossec/integrations/virustotal.py"
PERMANENT_DATA_EXCP[((i++))]="/var/ossec/integrations/shuffle"
PERMANENT_DATA_EXCP[((i++))]="/var/ossec/integrations/shuffle.py"
PERMANENT_DATA_EXCP[((i++))]="/var/ossec/active-response/bin/default-firewall-drop" PERMANENT_DATA_EXCP[((i++))]="/var/ossec/active-response/bin/default-firewall-drop"
PERMANENT_DATA_EXCP[((i++))]="/var/ossec/active-response/bin/disable-account" PERMANENT_DATA_EXCP[((i++))]="/var/ossec/active-response/bin/disable-account"
PERMANENT_DATA_EXCP[((i++))]="/var/ossec/active-response/bin/firewalld-drop" PERMANENT_DATA_EXCP[((i++))]="/var/ossec/active-response/bin/firewalld-drop"


@@ -1,5 +1,5 @@
#!/bin/bash #!/bin/bash
# Wazuh App Copyright (C) 2021 Wazuh Inc. (License GPLv2) # Wazuh App Copyright (C) 2017, Wazuh Inc. (License GPLv2)
# Variables # Variables
source /permanent_data.env source /permanent_data.env


@@ -1,4 +1,4 @@
# Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) # Wazuh Docker Copyright (C) 2017, Wazuh Inc. (License GPLv2)
FROM ubuntu:focal FROM ubuntu:focal
RUN apt-get update && apt-get install openssl curl -y RUN apt-get update && apt-get install openssl curl -y


@@ -1,5 +1,5 @@
#!/bin/bash #!/bin/bash
# Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2) # Wazuh Docker Copyright (C) 2017, Wazuh Inc. (License GPLv2)
############################################################################## ##############################################################################
# Downloading Cert Gen Tool # Downloading Cert Gen Tool
@@ -8,8 +8,8 @@
## Variables ## Variables
CERT_TOOL=wazuh-certs-tool.sh CERT_TOOL=wazuh-certs-tool.sh
PASSWORD_TOOL=wazuh-passwords-tool.sh PASSWORD_TOOL=wazuh-passwords-tool.sh
PACKAGES_URL=https://packages.wazuh.com/4.3/ PACKAGES_URL=https://packages.wazuh.com/4.7/
PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.3/ PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.7/
## Check if the cert tool exists in S3 buckets ## Check if the cert tool exists in S3 buckets
CERT_TOOL_PACKAGES=$(curl --silent -I $PACKAGES_URL$CERT_TOOL | grep -E "^HTTP" | awk '{print $2}') CERT_TOOL_PACKAGES=$(curl --silent -I $PACKAGES_URL$CERT_TOOL | grep -E "^HTTP" | awk '{print $2}')
@@ -17,13 +17,13 @@ CERT_TOOL_PACKAGES_DEV=$(curl --silent -I $PACKAGES_DEV_URL$CERT_TOOL | grep -E
## If cert tool exists in some bucket, download it, if not exit 1 ## If cert tool exists in some bucket, download it, if not exit 1
if [ "$CERT_TOOL_PACKAGES" = "200" ]; then if [ "$CERT_TOOL_PACKAGES" = "200" ]; then
curl -o $CERT_TOOL $PACKAGES_URL$CERT_TOOL curl -o $CERT_TOOL $PACKAGES_URL$CERT_TOOL -s
echo "Cert tool exists in Packages bucket" echo "The tool to create the certificates exists in the in Packages bucket"
elif [ "$CERT_TOOL_PACKAGES_DEV" = "200" ]; then elif [ "$CERT_TOOL_PACKAGES_DEV" = "200" ]; then
curl -o $CERT_TOOL $PACKAGES_DEV_URL$CERT_TOOL curl -o $CERT_TOOL $PACKAGES_DEV_URL$CERT_TOOL -s
echo "Cert tool exists in Packages-dev bucket" echo "The tool to create the certificates exists in Packages-dev bucket"
else else
echo "Cert tool does not exist in any bucket" echo "The tool to create the certificates does not exist in any bucket"
echo "ERROR: certificates were not created" echo "ERROR: certificates were not created"
exit 1 exit 1
fi fi
@@ -41,9 +41,9 @@ source /$CERT_TOOL -A
nodes_server=$( cert_parseYaml /config.yml | grep nodes_server__name | sed 's/nodes_server__name=//' ) nodes_server=$( cert_parseYaml /config.yml | grep nodes_server__name | sed 's/nodes_server__name=//' )
node_names=($nodes_server) node_names=($nodes_server)
echo "Moving created certificates to destination directory" echo "Moving created certificates to the destination directory"
cp /wazuh-certificates/* /certificates/ cp /wazuh-certificates/* /certificates/
echo "changing certificate permissions" echo "Changing certificate permissions"
chmod -R 500 /certificates chmod -R 500 /certificates
chmod -R 400 /certificates/* chmod -R 400 /certificates/*
echo "Setting UID indexer and dashboard" echo "Setting UID indexer and dashboard"
@@ -51,11 +51,11 @@ chown 1000:1000 /certificates/*
echo "Setting UID for wazuh manager and worker" echo "Setting UID for wazuh manager and worker"
cp /certificates/root-ca.pem /certificates/root-ca-manager.pem cp /certificates/root-ca.pem /certificates/root-ca-manager.pem
cp /certificates/root-ca.key /certificates/root-ca-manager.key cp /certificates/root-ca.key /certificates/root-ca-manager.key
chown 999:997 /certificates/root-ca-manager.pem chown 101:101 /certificates/root-ca-manager.pem
chown 999:997 /certificates/root-ca-manager.key chown 101:101 /certificates/root-ca-manager.key
for i in ${node_names[@]}; for i in ${node_names[@]};
do do
chown 999:997 "/certificates/${i}.pem" chown 101:101 "/certificates/${i}.pem"
chown 999:997 "/certificates/${i}-key.pem" chown 101:101 "/certificates/${i}-key.pem"
done done
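Review bot: The certificate tool fetched by the two `curl -o $CERT_TOOL ... -s` lines is later run with `source /$CERT_TOOL -A` without any integrity check, and the added `-s` now also hides transfer errors. This script produces the root CA and node keys, so a tampered or truncated download would go unnoticed, and the fallback to the packages-dev bucket widens what is trusted. I would use `curl -fsS -o "$CERT_TOOL" "$PACKAGES_URL$CERT_TOOL"` and verify the file before sourcing it, e.g. `echo "${CERT_TOOL_SHA256}  $CERT_TOOL" | sha256sum -c -`, where `CERT_TOOL_SHA256` is a placeholder for a digest pinned at image build time. The script continues outside the visible hunks.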


@@ -1,6 +1,6 @@
# Opendistro data migration to Wazuh indexer on docker. # Opendistro data migration to Wazuh indexer on docker.
This procedure explains how to migrate Opendistro data from Opendistro to Wazuh indexer in docker production deployments. This procedure explains how to migrate Opendistro data from Opendistro to Wazuh indexer in docker production deployments.
The example is migrating from v4.2 to v4.3. The example is migrating from v4.2 to v4.4.
## Procedure ## Procedure
Assuming that you have a v4.2 production deployment, perform the following steps. Assuming that you have a v4.2 production deployment, perform the following steps.
@@ -17,7 +17,7 @@ Assuming that you have a v4.2 production deployment, perform the following steps
**4. Spin down the 4.2 environment.** **4. Spin down the 4.2 environment.**
`docker-compose -f production-cluster.yml down` `docker-compose -f production-cluster.yml down`
**Steps 5 and 6 can be done with the volume-migrator.sh script, specifying Docker version and project name as parameters.** **Steps 5 and 6 can be done with the volume-migrator.sh script, specifying Docker compose version and project name as parameters.**
Ex: $ multi-node/volume-migrator.sh 1.25.0 multi-node Ex: $ multi-node/volume-migrator.sh 1.25.0 multi-node
@@ -350,9 +350,9 @@ docker container run --rm -it \
alpine ash -c "cd /from ; cp -avp . /to" alpine ash -c "cd /from ; cp -avp . /to"
``` ```
**7. Start the 4.3 environment.** **7. Start the 4.4 environment.**
``` ```
git checkout 4.3 git checkout 4.4
cd multi-node cd multi-node
docker-compose -f generate-indexer-certs.yml run --rm generator docker-compose -f generate-indexer-certs.yml run --rm generator
docker-compose up -d docker-compose up -d


@@ -21,4 +21,4 @@ nodes:
# Wazuh dashboard node # Wazuh dashboard node
dashboard: dashboard:
- name: wazuh.dashboard - name: wazuh.dashboard
ip: wazuh.dashboard ip: wazuh.dashboard


@@ -108,15 +108,16 @@
<os>xenial</os> <os>xenial</os>
<os>bionic</os> <os>bionic</os>
<os>focal</os> <os>focal</os>
<os>jammy</os>
<update_interval>1h</update_interval> <update_interval>1h</update_interval>
</provider> </provider>
<!-- Debian OS vulnerabilities --> <!-- Debian OS vulnerabilities -->
<provider name="debian"> <provider name="debian">
<enabled>no</enabled> <enabled>no</enabled>
<os>stretch</os>
<os>buster</os> <os>buster</os>
<os>bullseye</os> <os>bullseye</os>
<os>bookworm</os>
<update_interval>1h</update_interval> <update_interval>1h</update_interval>
</provider> </provider>
@@ -127,6 +128,7 @@
<os>6</os> <os>6</os>
<os>7</os> <os>7</os>
<os>8</os> <os>8</os>
<os>9</os>
<update_interval>1h</update_interval> <update_interval>1h</update_interval>
</provider> </provider>
@@ -135,6 +137,19 @@
<enabled>no</enabled> <enabled>no</enabled>
<os>amazon-linux</os> <os>amazon-linux</os>
<os>amazon-linux-2</os> <os>amazon-linux-2</os>
<os>amazon-linux-2023</os>
<update_interval>1h</update_interval>
</provider>
<!-- SUSE Linux Enterprise OS vulnerabilities -->
<provider name="suse">
<enabled>no</enabled>
<os>11-server</os>
<os>11-desktop</os>
<os>12-server</os>
<os>12-desktop</os>
<os>15-server</os>
<os>15-desktop</os>
<update_interval>1h</update_interval> <update_interval>1h</update_interval>
</provider> </provider>
@@ -150,10 +165,17 @@
<update_interval>1h</update_interval> <update_interval>1h</update_interval>
</provider> </provider>
<!-- Alma Linux OS vulnerabilities -->
<provider name="almalinux">
<enabled>no</enabled>
<os>8</os>
<os>9</os>
<update_interval>1h</update_interval>
</provider>
<!-- Aggregate vulnerabilities --> <!-- Aggregate vulnerabilities -->
<provider name="nvd"> <provider name="nvd">
<enabled>yes</enabled> <enabled>yes</enabled>
<update_from_year>2010</update_from_year>
<update_interval>1h</update_interval> <update_interval>1h</update_interval>
</provider> </provider>
@@ -222,7 +244,6 @@
<global> <global>
<white_list>127.0.0.1</white_list> <white_list>127.0.0.1</white_list>
<white_list>^localhost.localdomain$</white_list> <white_list>^localhost.localdomain$</white_list>
<white_list>127.0.0.53</white_list>
</global> </global>
<command> <command>
@@ -350,24 +371,9 @@
<location>/var/ossec/logs/active-responses.log</location> <location>/var/ossec/logs/active-responses.log</location>
</localfile> </localfile>
<localfile>
<log_format>syslog</log_format>
<location>/var/log/auth.log</location>
</localfile>
<localfile>
<log_format>syslog</log_format>
<location>/var/log/syslog</location>
</localfile>
<localfile> <localfile>
<log_format>syslog</log_format> <log_format>syslog</log_format>
<location>/var/log/dpkg.log</location> <location>/var/log/dpkg.log</location>
</localfile> </localfile>
<localfile> </ossec_config>
<log_format>syslog</log_format>
<location>/var/log/kern.log</location>
</localfile>
</ossec_config>


@@ -108,15 +108,16 @@
<os>xenial</os> <os>xenial</os>
<os>bionic</os> <os>bionic</os>
<os>focal</os> <os>focal</os>
<os>jammy</os>
<update_interval>1h</update_interval> <update_interval>1h</update_interval>
</provider> </provider>
<!-- Debian OS vulnerabilities --> <!-- Debian OS vulnerabilities -->
<provider name="debian"> <provider name="debian">
<enabled>no</enabled> <enabled>no</enabled>
<os>stretch</os>
<os>buster</os> <os>buster</os>
<os>bullseye</os> <os>bullseye</os>
<os>bookworm</os>
<update_interval>1h</update_interval> <update_interval>1h</update_interval>
</provider> </provider>
@@ -127,6 +128,7 @@
<os>6</os> <os>6</os>
<os>7</os> <os>7</os>
<os>8</os> <os>8</os>
<os>9</os>
<update_interval>1h</update_interval> <update_interval>1h</update_interval>
</provider> </provider>
@@ -135,6 +137,19 @@
<enabled>no</enabled> <enabled>no</enabled>
<os>amazon-linux</os> <os>amazon-linux</os>
<os>amazon-linux-2</os> <os>amazon-linux-2</os>
<os>amazon-linux-2023</os>
<update_interval>1h</update_interval>
</provider>
<!-- SUSE Linux Enterprise OS vulnerabilities -->
<provider name="suse">
<enabled>no</enabled>
<os>11-server</os>
<os>11-desktop</os>
<os>12-server</os>
<os>12-desktop</os>
<os>15-server</os>
<os>15-desktop</os>
<update_interval>1h</update_interval> <update_interval>1h</update_interval>
</provider> </provider>
@@ -144,6 +159,14 @@
<update_interval>1h</update_interval> <update_interval>1h</update_interval>
</provider> </provider>
<!-- Alma Linux OS vulnerabilities -->
<provider name="almalinux">
<enabled>no</enabled>
<os>8</os>
<os>9</os>
<update_interval>1h</update_interval>
</provider>
<!-- Windows OS vulnerabilities --> <!-- Windows OS vulnerabilities -->
<provider name="msu"> <provider name="msu">
<enabled>yes</enabled> <enabled>yes</enabled>
@@ -153,7 +176,6 @@
<!-- Aggregate vulnerabilities --> <!-- Aggregate vulnerabilities -->
<provider name="nvd"> <provider name="nvd">
<enabled>yes</enabled> <enabled>yes</enabled>
<update_from_year>2010</update_from_year>
<update_interval>1h</update_interval> <update_interval>1h</update_interval>
</provider> </provider>
@@ -222,7 +244,6 @@
<global> <global>
<white_list>127.0.0.1</white_list> <white_list>127.0.0.1</white_list>
<white_list>^localhost.localdomain$</white_list> <white_list>^localhost.localdomain$</white_list>
<white_list>127.0.0.53</white_list>
</global> </global>
<command> <command>
@@ -350,24 +371,9 @@
<location>/var/ossec/logs/active-responses.log</location> <location>/var/ossec/logs/active-responses.log</location>
</localfile> </localfile>
<localfile>
<log_format>syslog</log_format>
<location>/var/log/auth.log</location>
</localfile>
<localfile>
<log_format>syslog</log_format>
<location>/var/log/syslog</location>
</localfile>
<localfile> <localfile>
<log_format>syslog</log_format> <log_format>syslog</log_format>
<location>/var/log/dpkg.log</location> <location>/var/log/dpkg.log</location>
</localfile> </localfile>
<localfile> </ossec_config>
<log_format>syslog</log_format>
<location>/var/log/kern.log</location>
</localfile>
</ossec_config>


@@ -1,5 +1,5 @@
server.host: 0.0.0.0 server.host: 0.0.0.0
server.port: 443 server.port: 5601
opensearch.hosts: https://wazuh1.indexer:9200 opensearch.hosts: https://wazuh1.indexer:9200
opensearch.ssl.verificationMode: certificate opensearch.ssl.verificationMode: certificate
opensearch.requestHeadersWhitelist: ["securitytenant","Authorization"] opensearch.requestHeadersWhitelist: ["securitytenant","Authorization"]


@@ -2,6 +2,6 @@ hosts:
- 1513629884013: - 1513629884013:
url: "https://wazuh.master" url: "https://wazuh.master"
port: 55000 port: 55000
username: acme-user username: wazuh-wui
password: MyS3cr37P450r.*- password: "MyS3cr37P450r.*-"
run_as: false run_as: false
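Review bot: The `password:` line keeps a literal default for the `wazuh-wui` API account in a committed file. The same value appears in the `API_PASSWORD` entries of both compose files and in the single-node copy of this file later in the change, and the compose files also add `DASHBOARD_PASSWORD=kibanaserver`, a password equal to its username. Quoting the value fixes parsing, but a deployment started from these files unchanged still runs with publicly known credentials. At minimum add a comment above the line such as `# Lab default - change before deployment and keep in sync with API_PASSWORD in the compose file`. For the compose entries, `- DASHBOARD_PASSWORD=${DASHBOARD_PASSWORD:?set in .env}` would make a missing override fail at start-up; the matching entry in the mounted `internal_users.yml` would have to change with it.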


@@ -1,11 +1,18 @@
# Wazuh App Copyright (C) 2021 Wazuh Inc. (License GPLv2) # Wazuh App Copyright (C) 2017, Wazuh Inc. (License GPLv2)
version: '3.7' version: '3.7'
services: services:
wazuh.master: wazuh.master:
image: wazuh/wazuh-manager:4.3.0 image: wazuh/wazuh-manager:4.7.5
hostname: wazuh.master hostname: wazuh.master
restart: always restart: always
ulimits:
memlock:
soft: -1
hard: -1
nofile:
soft: 655360
hard: 655360
ports: ports:
- "1515:1515" - "1515:1515"
- "514:514/udp" - "514:514/udp"
@@ -18,7 +25,7 @@ services:
- SSL_CERTIFICATE_AUTHORITIES=/etc/ssl/root-ca.pem - SSL_CERTIFICATE_AUTHORITIES=/etc/ssl/root-ca.pem
- SSL_CERTIFICATE=/etc/ssl/filebeat.pem - SSL_CERTIFICATE=/etc/ssl/filebeat.pem
- SSL_KEY=/etc/ssl/filebeat.key - SSL_KEY=/etc/ssl/filebeat.key
- API_USERNAME=acme-user - API_USERNAME=wazuh-wui
- API_PASSWORD=MyS3cr37P450r.*- - API_PASSWORD=MyS3cr37P450r.*-
volumes: volumes:
- master-wazuh-api-configuration:/var/ossec/api/configuration - master-wazuh-api-configuration:/var/ossec/api/configuration
@@ -38,9 +45,16 @@ services:
- ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf - ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf
wazuh.worker: wazuh.worker:
image: wazuh/wazuh-manager:4.3.0 image: wazuh/wazuh-manager:4.7.5
hostname: wazuh.worker hostname: wazuh.worker
restart: always restart: always
ulimits:
memlock:
soft: -1
hard: -1
nofile:
soft: 655360
hard: 655360
environment: environment:
- INDEXER_URL=https://wazuh1.indexer:9200 - INDEXER_URL=https://wazuh1.indexer:9200
- INDEXER_USERNAME=admin - INDEXER_USERNAME=admin
@@ -67,7 +81,7 @@ services:
- ./config/wazuh_cluster/wazuh_worker.conf:/wazuh-config-mount/etc/ossec.conf - ./config/wazuh_cluster/wazuh_worker.conf:/wazuh-config-mount/etc/ossec.conf
wazuh1.indexer: wazuh1.indexer:
image: wazuh/wazuh-indexer:4.3.0 image: wazuh/wazuh-indexer:4.7.5
hostname: wazuh1.indexer hostname: wazuh1.indexer
restart: always restart: always
ports: ports:
@@ -84,16 +98,16 @@ services:
hard: 65536 hard: 65536
volumes: volumes:
- wazuh-indexer-data-1:/var/lib/wazuh-indexer - wazuh-indexer-data-1:/var/lib/wazuh-indexer
- ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/config/certs/root-ca.pem - ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/certs/root-ca.pem
- ./config/wazuh_indexer_ssl_certs/wazuh1.indexer-key.pem:/usr/share/wazuh-indexer/config/certs/wazuh1.indexer.key - ./config/wazuh_indexer_ssl_certs/wazuh1.indexer-key.pem:/usr/share/wazuh-indexer/certs/wazuh1.indexer.key
- ./config/wazuh_indexer_ssl_certs/wazuh1.indexer.pem:/usr/share/wazuh-indexer/config/certs/wazuh1.indexer.pem - ./config/wazuh_indexer_ssl_certs/wazuh1.indexer.pem:/usr/share/wazuh-indexer/certs/wazuh1.indexer.pem
- ./config/wazuh_indexer_ssl_certs/admin.pem:/usr/share/wazuh-indexer/config/certs/admin.pem - ./config/wazuh_indexer_ssl_certs/admin.pem:/usr/share/wazuh-indexer/certs/admin.pem
- ./config/wazuh_indexer_ssl_certs/admin-key.pem:/usr/share/wazuh-indexer/config/certs/admin-key.pem - ./config/wazuh_indexer_ssl_certs/admin-key.pem:/usr/share/wazuh-indexer/certs/admin-key.pem
- ./config/wazuh_indexer/wazuh1.indexer.yml:/usr/share/wazuh-indexer/config/opensearch.yml - ./config/wazuh_indexer/wazuh1.indexer.yml:/usr/share/wazuh-indexer/opensearch.yml
- ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/internal_users.yml - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml
wazuh2.indexer: wazuh2.indexer:
image: wazuh/wazuh-indexer:4.3.0 image: wazuh/wazuh-indexer:4.7.5
hostname: wazuh2.indexer hostname: wazuh2.indexer
restart: always restart: always
environment: environment:
@@ -108,14 +122,14 @@ services:
hard: 65536 hard: 65536
volumes: volumes:
- wazuh-indexer-data-2:/var/lib/wazuh-indexer - wazuh-indexer-data-2:/var/lib/wazuh-indexer
- ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/config/certs/root-ca.pem - ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/certs/root-ca.pem
- ./config/wazuh_indexer_ssl_certs/wazuh2.indexer-key.pem:/usr/share/wazuh-indexer/config/certs/wazuh2.indexer.key - ./config/wazuh_indexer_ssl_certs/wazuh2.indexer-key.pem:/usr/share/wazuh-indexer/certs/wazuh2.indexer.key
- ./config/wazuh_indexer_ssl_certs/wazuh2.indexer.pem:/usr/share/wazuh-indexer/config/certs/wazuh2.indexer.pem - ./config/wazuh_indexer_ssl_certs/wazuh2.indexer.pem:/usr/share/wazuh-indexer/certs/wazuh2.indexer.pem
- ./config/wazuh_indexer/wazuh2.indexer.yml:/usr/share/wazuh-indexer/config/opensearch.yml - ./config/wazuh_indexer/wazuh2.indexer.yml:/usr/share/wazuh-indexer/opensearch.yml
- ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/internal_users.yml - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml
wazuh3.indexer: wazuh3.indexer:
image: wazuh/wazuh-indexer:4.3.0 image: wazuh/wazuh-indexer:4.7.5
hostname: wazuh3.indexer hostname: wazuh3.indexer
restart: always restart: always
environment: environment:
@@ -130,29 +144,33 @@ services:
hard: 65536 hard: 65536
volumes: volumes:
- wazuh-indexer-data-3:/var/lib/wazuh-indexer - wazuh-indexer-data-3:/var/lib/wazuh-indexer
- ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/config/certs/root-ca.pem - ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/certs/root-ca.pem
- ./config/wazuh_indexer_ssl_certs/wazuh3.indexer-key.pem:/usr/share/wazuh-indexer/config/certs/wazuh3.indexer.key - ./config/wazuh_indexer_ssl_certs/wazuh3.indexer-key.pem:/usr/share/wazuh-indexer/certs/wazuh3.indexer.key
- ./config/wazuh_indexer_ssl_certs/wazuh3.indexer.pem:/usr/share/wazuh-indexer/config/certs/wazuh3.indexer.pem - ./config/wazuh_indexer_ssl_certs/wazuh3.indexer.pem:/usr/share/wazuh-indexer/certs/wazuh3.indexer.pem
- ./config/wazuh_indexer/wazuh3.indexer.yml:/usr/share/wazuh-indexer/config/opensearch.yml - ./config/wazuh_indexer/wazuh3.indexer.yml:/usr/share/wazuh-indexer/opensearch.yml
- ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/internal_users.yml - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml
wazuh.dashboard: wazuh.dashboard:
image: wazuh/wazuh-dashboard:4.3.0 image: wazuh/wazuh-dashboard:4.7.5
hostname: wazuh.dashboard hostname: wazuh.dashboard
restart: always restart: always
ports: ports:
- 443:443 - 443:5601
environment: environment:
- OPENSEARCH_HOSTS="https://wazuh1.indexer:9200" - OPENSEARCH_HOSTS="https://wazuh1.indexer:9200"
- WAZUH_API_URL="https://wazuh.master" - WAZUH_API_URL="https://wazuh.master"
- API_USERNAME=acme-user - API_USERNAME=wazuh-wui
- API_PASSWORD=MyS3cr37P450r.*- - API_PASSWORD=MyS3cr37P450r.*-
- DASHBOARD_USERNAME=kibanaserver
- DASHBOARD_PASSWORD=kibanaserver
volumes: volumes:
- ./config/wazuh_indexer_ssl_certs/wazuh.dashboard.pem:/usr/share/wazuh-dashboard/certs/wazuh-dashboard.pem - ./config/wazuh_indexer_ssl_certs/wazuh.dashboard.pem:/usr/share/wazuh-dashboard/certs/wazuh-dashboard.pem
- ./config/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem:/usr/share/wazuh-dashboard/certs/wazuh-dashboard-key.pem - ./config/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem:/usr/share/wazuh-dashboard/certs/wazuh-dashboard-key.pem
- ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-dashboard/certs/root-ca.pem - ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-dashboard/certs/root-ca.pem
- ./config/wazuh_dashboard/opensearch_dashboards.yml:/usr/share/wazuh-dashboard/config/opensearch_dashboards.yml - ./config/wazuh_dashboard/opensearch_dashboards.yml:/usr/share/wazuh-dashboard/config/opensearch_dashboards.yml
- ./config/wazuh_dashboard/wazuh.yml:/usr/share/wazuh-dashboard/data/wazuh/config/wazuh.yml - ./config/wazuh_dashboard/wazuh.yml:/usr/share/wazuh-dashboard/data/wazuh/config/wazuh.yml
- wazuh-dashboard-config:/usr/share/wazuh-dashboard/data/wazuh/config
- wazuh-dashboard-custom:/usr/share/wazuh-dashboard/plugins/wazuh/public/assets/custom
depends_on: depends_on:
- wazuh1.indexer - wazuh1.indexer
links: links:
@@ -202,3 +220,5 @@ volumes:
wazuh-indexer-data-1: wazuh-indexer-data-1:
wazuh-indexer-data-2: wazuh-indexer-data-2:
wazuh-indexer-data-3: wazuh-indexer-data-3:
wazuh-dashboard-config:
wazuh-dashboard-custom:
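Review bot: In the `wazuh.dashboard` service, `OPENSEARCH_HOSTS="https://wazuh1.indexer:9200"` and `WAZUH_API_URL="https://wazuh.master"` carry double quotes inside list-form `environment` entries. Compose passes the text after `=` verbatim in that form, so the quotes most likely become part of the value, and the single-node compose file in this change writes `WAZUH_API_URL=https://wazuh.manager` without them. Since this hunk already edits the block, I would drop the quotes (`- OPENSEARCH_HOSTS=https://wazuh1.indexer:9200`, `- WAZUH_API_URL=https://wazuh.master`) after confirming the image's entrypoint does not depend on them. Separately, `- 443:5601` is the only unquoted port mapping visible here; `- "443:5601"` would match `"1515:1515"`.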


@@ -1,4 +1,4 @@
# Wazuh App Copyright (C) 2021 Wazuh Inc. (License GPLv2) # Wazuh App Copyright (C) 2017, Wazuh Inc. (License GPLv2)
version: '3' version: '3'
services: services:


@@ -13,4 +13,4 @@ nodes:
# Wazuh dashboard node # Wazuh dashboard node
dashboard: dashboard:
- name: wazuh.dashboard - name: wazuh.dashboard
ip: wazuh.dashboard ip: wazuh.dashboard


@@ -108,15 +108,16 @@
<os>xenial</os> <os>xenial</os>
<os>bionic</os> <os>bionic</os>
<os>focal</os> <os>focal</os>
<os>jammy</os>
<update_interval>1h</update_interval> <update_interval>1h</update_interval>
</provider> </provider>
<!-- Debian OS vulnerabilities --> <!-- Debian OS vulnerabilities -->
<provider name="debian"> <provider name="debian">
<enabled>no</enabled> <enabled>no</enabled>
<os>stretch</os>
<os>buster</os> <os>buster</os>
<os>bullseye</os> <os>bullseye</os>
<os>bookworm</os>
<update_interval>1h</update_interval> <update_interval>1h</update_interval>
</provider> </provider>
@@ -127,6 +128,7 @@
<os>6</os> <os>6</os>
<os>7</os> <os>7</os>
<os>8</os> <os>8</os>
<os>9</os>
<update_interval>1h</update_interval> <update_interval>1h</update_interval>
</provider> </provider>
@@ -135,6 +137,19 @@
<enabled>no</enabled> <enabled>no</enabled>
<os>amazon-linux</os> <os>amazon-linux</os>
<os>amazon-linux-2</os> <os>amazon-linux-2</os>
<os>amazon-linux-2023</os>
<update_interval>1h</update_interval>
</provider>
<!-- SUSE Linux Enterprise OS vulnerabilities -->
<provider name="suse">
<enabled>no</enabled>
<os>11-server</os>
<os>11-desktop</os>
<os>12-server</os>
<os>12-desktop</os>
<os>15-server</os>
<os>15-desktop</os>
<update_interval>1h</update_interval> <update_interval>1h</update_interval>
</provider> </provider>
@@ -144,6 +159,14 @@
<update_interval>1h</update_interval> <update_interval>1h</update_interval>
</provider> </provider>
<!-- Alma Linux OS vulnerabilities -->
<provider name="almalinux">
<enabled>no</enabled>
<os>8</os>
<os>9</os>
<update_interval>1h</update_interval>
</provider>
<!-- Windows OS vulnerabilities --> <!-- Windows OS vulnerabilities -->
<provider name="msu"> <provider name="msu">
<enabled>yes</enabled> <enabled>yes</enabled>
@@ -153,7 +176,6 @@
<!-- Aggregate vulnerabilities --> <!-- Aggregate vulnerabilities -->
<provider name="nvd"> <provider name="nvd">
<enabled>yes</enabled> <enabled>yes</enabled>
<update_from_year>2010</update_from_year>
<update_interval>1h</update_interval> <update_interval>1h</update_interval>
</provider> </provider>
@@ -222,7 +244,6 @@
<global> <global>
<white_list>127.0.0.1</white_list> <white_list>127.0.0.1</white_list>
<white_list>^localhost.localdomain$</white_list> <white_list>^localhost.localdomain$</white_list>
<white_list>10.0.0.106</white_list>
</global> </global>
<command> <command>
@@ -332,11 +353,11 @@
<name>wazuh</name> <name>wazuh</name>
<node_name>node01</node_name> <node_name>node01</node_name>
<node_type>master</node_type> <node_type>master</node_type>
<key></key> <key>aa093264ef885029653eea20dfcf51ae</key>
<port>1516</port> <port>1516</port>
<bind_addr>0.0.0.0</bind_addr> <bind_addr>0.0.0.0</bind_addr>
<nodes> <nodes>
<node>NODE_IP</node> <node>wazuh.manager</node>
</nodes> </nodes>
<hidden>no</hidden> <hidden>no</hidden>
<disabled>yes</disabled> <disabled>yes</disabled>
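Review bot: The `<key>` element changes from empty to a literal 32-character value, so every deployment built from this repository would share one key that is now public. The block is `<disabled>yes</disabled>` here, which limits the exposure, but the value is likely to be carried along when someone enables clustering, and `<bind_addr>` is `0.0.0.0` on port 1516. I would keep a labelled placeholder such as `<key>CHANGE_ME_32_CHAR_CLUSTER_KEY</key>` with a comment `<!-- generate a unique key per deployment, e.g. openssl rand -hex 16 -->`, or generate the key at container start if the manager rejects a placeholder even when the block is disabled. The enclosing element (presumably `<cluster>`) opens above the hunk.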


@@ -1,5 +1,5 @@
server.host: 0.0.0.0 server.host: 0.0.0.0
server.port: 443 server.port: 5601
opensearch.hosts: https://wazuh.indexer:9200 opensearch.hosts: https://wazuh.indexer:9200
opensearch.ssl.verificationMode: certificate opensearch.ssl.verificationMode: certificate
opensearch.requestHeadersWhitelist: ["securitytenant","Authorization"] opensearch.requestHeadersWhitelist: ["securitytenant","Authorization"]


@@ -2,6 +2,6 @@ hosts:
- 1513629884013: - 1513629884013:
url: "https://wazuh.manager" url: "https://wazuh.manager"
port: 55000 port: 55000
username: acme-user username: wazuh-wui
password: MyS3cr37P450r.*- password: "MyS3cr37P450r.*-"
run_as: false run_as: false


@@ -3,13 +3,15 @@ node.name: "wazuh.indexer"
path.data: /var/lib/wazuh-indexer path.data: /var/lib/wazuh-indexer
path.logs: /var/log/wazuh-indexer path.logs: /var/log/wazuh-indexer
discovery.type: single-node discovery.type: single-node
http.port: 9200-9299
transport.tcp.port: 9300-9399
compatibility.override_main_response_version: true compatibility.override_main_response_version: true
plugins.security.ssl.http.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/certs/wazuh.indexer.pem plugins.security.ssl.http.pemcert_filepath: /usr/share/wazuh-indexer/certs/wazuh.indexer.pem
plugins.security.ssl.http.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/certs/wazuh.indexer.key plugins.security.ssl.http.pemkey_filepath: /usr/share/wazuh-indexer/certs/wazuh.indexer.key
plugins.security.ssl.http.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/certs/root-ca.pem plugins.security.ssl.http.pemtrustedcas_filepath: /usr/share/wazuh-indexer/certs/root-ca.pem
plugins.security.ssl.transport.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/certs/wazuh.indexer.pem plugins.security.ssl.transport.pemcert_filepath: /usr/share/wazuh-indexer/certs/wazuh.indexer.pem
plugins.security.ssl.transport.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/certs/wazuh.indexer.key plugins.security.ssl.transport.pemkey_filepath: /usr/share/wazuh-indexer/certs/wazuh.indexer.key
plugins.security.ssl.transport.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/certs/root-ca.pem plugins.security.ssl.transport.pemtrustedcas_filepath: /usr/share/wazuh-indexer/certs/root-ca.pem
plugins.security.ssl.http.enabled: true plugins.security.ssl.http.enabled: true
plugins.security.ssl.transport.enforce_hostname_verification: false plugins.security.ssl.transport.enforce_hostname_verification: false
plugins.security.ssl.transport.resolve_hostname: false plugins.security.ssl.transport.resolve_hostname: false


@@ -1,11 +1,18 @@
# Wazuh App Copyright (C) 2021 Wazuh Inc. (License GPLv2) # Wazuh App Copyright (C) 2017, Wazuh Inc. (License GPLv2)
version: '3.7' version: '3.7'
services: services:
wazuh.manager: wazuh.manager:
image: wazuh/wazuh-manager:4.3.0 image: wazuh/wazuh-manager:4.7.5
hostname: wazuh.manager hostname: wazuh.manager
restart: always restart: always
ulimits:
memlock:
soft: -1
hard: -1
nofile:
soft: 655360
hard: 655360
ports: ports:
- "1514:1514" - "1514:1514"
- "1515:1515" - "1515:1515"
@@ -19,7 +26,7 @@ services:
- SSL_CERTIFICATE_AUTHORITIES=/etc/ssl/root-ca.pem - SSL_CERTIFICATE_AUTHORITIES=/etc/ssl/root-ca.pem
- SSL_CERTIFICATE=/etc/ssl/filebeat.pem - SSL_CERTIFICATE=/etc/ssl/filebeat.pem
- SSL_KEY=/etc/ssl/filebeat.key - SSL_KEY=/etc/ssl/filebeat.key
- API_USERNAME=acme-user - API_USERNAME=wazuh-wui
- API_PASSWORD=MyS3cr37P450r.*- - API_PASSWORD=MyS3cr37P450r.*-
volumes: volumes:
- wazuh_api_configuration:/var/ossec/api/configuration - wazuh_api_configuration:/var/ossec/api/configuration
@@ -39,7 +46,7 @@ services:
- ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf - ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf
wazuh.indexer: wazuh.indexer:
image: wazuh/wazuh-indexer:4.3.0 image: wazuh/wazuh-indexer:4.7.5
hostname: wazuh.indexer hostname: wazuh.indexer
restart: always restart: always
ports: ports:
@@ -55,25 +62,27 @@ services:
hard: 65536 hard: 65536
volumes: volumes:
- wazuh-indexer-data:/var/lib/wazuh-indexer - wazuh-indexer-data:/var/lib/wazuh-indexer
- ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/config/certs/root-ca.pem - ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/certs/root-ca.pem
- ./config/wazuh_indexer_ssl_certs/wazuh.indexer-key.pem:/usr/share/wazuh-indexer/config/certs/wazuh.indexer.key - ./config/wazuh_indexer_ssl_certs/wazuh.indexer-key.pem:/usr/share/wazuh-indexer/certs/wazuh.indexer.key
- ./config/wazuh_indexer_ssl_certs/wazuh.indexer.pem:/usr/share/wazuh-indexer/config/certs/wazuh.indexer.pem - ./config/wazuh_indexer_ssl_certs/wazuh.indexer.pem:/usr/share/wazuh-indexer/certs/wazuh.indexer.pem
- ./config/wazuh_indexer_ssl_certs/admin.pem:/usr/share/wazuh-indexer/config/certs/admin.pem - ./config/wazuh_indexer_ssl_certs/admin.pem:/usr/share/wazuh-indexer/certs/admin.pem
- ./config/wazuh_indexer_ssl_certs/admin-key.pem:/usr/share/wazuh-indexer/config/certs/admin-key.pem - ./config/wazuh_indexer_ssl_certs/admin-key.pem:/usr/share/wazuh-indexer/certs/admin-key.pem
- ./config/wazuh_indexer/wazuh.indexer.yml:/usr/share/wazuh-indexer/config/opensearch.yml - ./config/wazuh_indexer/wazuh.indexer.yml:/usr/share/wazuh-indexer/opensearch.yml
- ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/internal_users.yml - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml
wazuh.dashboard: wazuh.dashboard:
image: wazuh/wazuh-dashboard:4.3.0 image: wazuh/wazuh-dashboard:4.7.5
hostname: wazuh.dashboard hostname: wazuh.dashboard
restart: always restart: always
ports: ports:
- 443:443 - 443:5601
environment: environment:
- INDEXER_USERNAME=admin - INDEXER_USERNAME=admin
- INDEXER_PASSWORD=SecretPassword - INDEXER_PASSWORD=SecretPassword
- WAZUH_API_URL=https://wazuh.manager - WAZUH_API_URL=https://wazuh.manager
- API_USERNAME=acme-user - DASHBOARD_USERNAME=kibanaserver
- DASHBOARD_PASSWORD=kibanaserver
- API_USERNAME=wazuh-wui
- API_PASSWORD=MyS3cr37P450r.*- - API_PASSWORD=MyS3cr37P450r.*-
volumes: volumes:
- ./config/wazuh_indexer_ssl_certs/wazuh.dashboard.pem:/usr/share/wazuh-dashboard/certs/wazuh-dashboard.pem - ./config/wazuh_indexer_ssl_certs/wazuh.dashboard.pem:/usr/share/wazuh-dashboard/certs/wazuh-dashboard.pem
@@ -81,6 +90,8 @@ services:
- ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-dashboard/certs/root-ca.pem - ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-dashboard/certs/root-ca.pem
- ./config/wazuh_dashboard/opensearch_dashboards.yml:/usr/share/wazuh-dashboard/config/opensearch_dashboards.yml - ./config/wazuh_dashboard/opensearch_dashboards.yml:/usr/share/wazuh-dashboard/config/opensearch_dashboards.yml
- ./config/wazuh_dashboard/wazuh.yml:/usr/share/wazuh-dashboard/data/wazuh/config/wazuh.yml - ./config/wazuh_dashboard/wazuh.yml:/usr/share/wazuh-dashboard/data/wazuh/config/wazuh.yml
- wazuh-dashboard-config:/usr/share/wazuh-dashboard/data/wazuh/config
- wazuh-dashboard-custom:/usr/share/wazuh-dashboard/plugins/wazuh/public/assets/custom
depends_on: depends_on:
- wazuh.indexer - wazuh.indexer
links: links:
@@ -100,3 +111,5 @@ volumes:
filebeat_etc: filebeat_etc:
filebeat_var: filebeat_var:
wazuh-indexer-data: wazuh-indexer-data:
wazuh-dashboard-config:
wazuh-dashboard-custom:


@@ -1,4 +1,4 @@
# Wazuh App Copyright (C) 2021 Wazuh Inc. (License GPLv2) # Wazuh App Copyright (C) 2017, Wazuh Inc. (License GPLv2)
version: '3' version: '3'
services: services:
@@ -7,4 +7,4 @@ services:
hostname: wazuh-certs-generator hostname: wazuh-certs-generator
volumes: volumes:
- ./config/wazuh_indexer_ssl_certs/:/certificates/ - ./config/wazuh_indexer_ssl_certs/:/certificates/
- ./config/certs.yml:/config/certs.yml - ./config/certs.yml:/config/certs.yml