Merge pull request #1837 from wazuh/bug/2435-docker-4102-packages-failed-to-be-published

Updated docker/login-action module
Updated changelog
2025-10-24 16:43:37 +00:00 · 2025-05-22 15:10:18 -03:00 · 2025-05-22 15:09:43 -03:00 · 2025-05-22 15:07:22 -03:00 · 2025-05-20 11:56:49 -03:00 · 2025-05-20 11:44:20 -03:00
60 changed files with 1804 additions and 556 deletions
--- a/.env
+++ b/.env
@@ -0,0 +1,6 @@
 WAZUH_VERSION=4.10.2
 WAZUH_IMAGE_VERSION=4.10.2
 WAZUH_TAG_REVISION=1
 FILEBEAT_TEMPLATE_BRANCH=4.10.2
 WAZUH_FILEBEAT_MODULE=wazuh-filebeat-0.4.tar.gz
 WAZUH_UI_REVISION=1
--- a/.github/.goss.yaml
+++ b/.github/.goss.yaml
@@ -56,7 +56,7 @@ package:
  wazuh-manager:
    installed: true
    versions:
-    - 4.3.4
+    - 4.10.2
 port:
  tcp:1514:
    listening: true
@@ -70,28 +70,6 @@ port:
    listening: true
    ip:
    - 0.0.0.0
 user:
  wazuh:
    exists: true
    groups:
    - wazuh
    home: /var/ossec
    shell: /sbin/nologin
  wazuh:
    exists: true
    groups:
    - wazuh
    home: /var/ossec
    shell: /sbin/nologin
  wazuh:
    exists: true
    groups:
    - wazuh
    home: /var/ossec
    shell: /sbin/nologin
 group:
  wazuh:
    exists: true
 process:
  filebeat:
    running: true
@@ -113,3 +91,13 @@ process:
    running: true
  wazuh-modulesd:
    running: true
 user:
  wazuh:
    exists: true
    groups:
    - wazuh
    home: /var/ossec
    shell: /sbin/nologin
 group:
  wazuh:
    exists: true
--- a/.github/multi-node-filebeat-check.sh
+++ b/.github/multi-node-filebeat-check.sh
@@ -0,0 +1,18 @@
 filebeatout1=$(docker exec multi-node_wazuh.master_1 sh -c 'filebeat test output')
 filebeatstatus1=$(echo "${filebeatout1}" | grep -c OK)
 if [[ filebeatstatus1 -eq 7 ]]; then
  echo "No errors in master filebeat"
 else
  echo "Errors in master filebeat"
  echo "${filebeatout1}"
  exit 1
 fi
 filebeatout2=$(docker exec multi-node_wazuh.worker_1 sh -c 'filebeat test output')
 filebeatstatus2=$(echo "${filebeatout2}" | grep -c OK)
 if [[ filebeatstatus2 -eq 7 ]]; then
 echo "No errors in worker filebeat"
 else
 echo "Errors in worker filebeat"
 echo "${filebeatout2}"
 exit 1
 fi
--- a/.github/multi-node-log-check.sh
+++ b/.github/multi-node-log-check.sh
@@ -0,0 +1,16 @@
 log1=$(docker exec multi-node_wazuh.master_1 sh -c 'cat /var/ossec/logs/ossec.log' | grep -P "ERR|WARN|CRIT")
 if [[ -z "$log1" ]]; then
  echo "No errors in master ossec.log"
 else
  echo "Errors in master ossec.log:"
  echo "${log1}"
  exit 1
 fi
 log2=$(docker exec multi-node_wazuh.worker_1 sh -c 'cat /var/ossec/logs/ossec.log' | grep -P "ERR|WARN|CRIT")
 if [[ -z "${log2}" ]]; then
  echo "No errors in worker ossec.log"
 else
  echo "Errors in worker ossec.log:"
  echo "${log2}"
  exit 1
 fi
--- a/.github/single-node-filebeat-check.sh
+++ b/.github/single-node-filebeat-check.sh
@@ -0,0 +1,9 @@
 filebeatout=$(docker exec single-node_wazuh.manager_1 sh -c 'filebeat test output')
 filebeatstatus=$(echo "${filebeatout}" | grep -c OK)
 if [[ filebeatstatus -eq 7 ]]; then
  echo "No errors in filebeat"
 else
  echo "Errors in filebeat"
  echo "${filebeatout}"
  exit 1
 fi
--- a/.github/single-node-log-check.sh
+++ b/.github/single-node-log-check.sh
@@ -0,0 +1,8 @@
 log=$(docker exec single-node_wazuh.manager_1 sh -c 'cat /var/ossec/logs/ossec.log' | grep -P "ERR|WARN|CRIT")
 if [[ -z "$log" ]]; then
  echo "No errors in ossec.log"
 else
  echo "Errors in ossec.log:"
  echo "${log}"
  exit 1
 fi
--- a/.github/workflows/Procedure_push_docker_images.yml
+++ b/.github/workflows/Procedure_push_docker_images.yml
@@ -0,0 +1,167 @@
 run-name: Launch Push Docker Images - ${{ inputs.id }}
 name: Push Docker Images
 on:
  workflow_dispatch:
    inputs:
      image_tag:
        description: 'Docker image tag'
        default: '4.10.2'
        required: true
      docker_reference:
        description: 'wazuh-docker reference'
        default: 'v4.10.2'
        required: false
      products:
        description: 'Comma-separated list of the image names to build and push'
        default: 'wazuh-manager,wazuh-dashboard,wazuh-indexer'
        required: true
      filebeat_module_version:
        description: 'Filebeat module version'
        default: '0.4'
        required: true
      revision:
        description: 'Package revision'
        default: '1'
        required: true
      push_images:
        description: 'Push images'
        type: boolean
        default: true
        required: true
      id:
        description: "ID used to identify the workflow uniquely."
        type: string
        required: false
      dev:
        description: "Add tag suffix '-dev' to the image tag ?"
        type: boolean
        default: true
        required: false
  workflow_call:
    inputs:
      image_tag:
        description: 'Docker image tag'
        default: '4.10.2'
        required: true
        type: string
      docker_reference:
        description: 'wazuh-docker reference'
        default: 'v4.10.2'
        required: false
        type: string
      products:
        description: 'Comma-separated list of the image names to build and push'
        default: 'wazuh-manager,wazuh-dashboard,wazuh-indexer'
        required: true
        type: string
      filebeat_module_version:
        description: 'Filebeat module version'
        default: '0.4'
        required: true
        type: string
      revision:
        description: 'Package revision'
        default: '1'
        required: true
        type: string
      push_images:
        description: 'Push images'
        type: boolean
        default: true
        required: true
      id:
        description: "ID used to identify the workflow uniquely."
        type: string
        required: false
      dev:
        description: "Add tag suffix '-dev' to the image tag ?"
        type: boolean
        default: false
        required: false
 jobs:
  build-and-push:
    runs-on: ubuntu-latest
    steps:
    - name: Print inputs
      run: |
        echo "---------------------------------------------"
        echo "Running Procedure_push_docker_images workflow"
        echo "---------------------------------------------"
        echo "* BRANCH: ${{ github.ref }}"
        echo "* COMMIT: ${{ github.sha }}"
        echo "---------------------------------------------"
        echo "Inputs provided:"
        echo "---------------------------------------------"
        echo "* id: ${{ inputs.id }}"
        echo "* image_tag: ${{ inputs.image_tag }}"
        echo "* docker_reference: ${{ inputs.docker_reference }}"
        echo "* products: ${{ inputs.products }}"
        echo "* filebeat_module_version: ${{ inputs.filebeat_module_version }}"
        echo "* revision: ${{ inputs.revision }}"
        echo "* push_images: ${{ inputs.push_images }}"
        echo "* dev: ${{ inputs.dev }}"
        echo "---------------------------------------------"
    - name: Checkout repository
      uses: actions/checkout@v4
      with:
        ref: ${{ inputs.docker_reference }}
    - name: Log in to Docker Hub
      uses: docker/login-action@v3
      with:
        username: ${{ secrets.DOCKERHUB_USERNAME }}
        password: ${{ secrets.DOCKERHUB_PASSWORD }}
    - name: Install Docker Compose
      run: |
        sudo apt-get update
        sudo apt-get install -y docker-compose
        echo "Installed Docker Compose version: $(docker-compose --version)"
    - name: Build Wazuh images
      run: |
        IMAGE_TAG=${{ inputs.image_tag }}
        FILEBEAT_MODULE_VERSION=${{ inputs.filebeat_module_version }}
        REVISION=${{ inputs.revision }}
        if [[ "$IMAGE_TAG" == *"-"* ]]; then
          IFS='-' read -r -a tokens <<< "$IMAGE_TAG"
          if [ -z "${tokens[1]}" ]; then
            echo "Invalid image tag: $IMAGE_TAG"
            exit 1
          fi
          DEV_STAGE=${tokens[1]}
          WAZUH_VER=${tokens[0]}
          ./build-docker-images/build-images.sh -v $WAZUH_VER -r $REVISION -d $DEV_STAGE -f $FILEBEAT_MODULE_VERSION
        else
          ./build-docker-images/build-images.sh -v $IMAGE_TAG -r $REVISION -f $FILEBEAT_MODULE_VERSION
        fi
        # Save .env file (generated by build-images.sh) contents to $GITHUB_ENV
        ENV_FILE_PATH=".env"
        if [ -f $ENV_FILE_PATH ]; then
          while IFS= read -r line || [ -n "$line" ]; do
            echo "$line" >> $GITHUB_ENV
          done < $ENV_FILE_PATH
        else
          echo "The environment file $ENV_FILE_PATH does not exist!"
          exit 1
        fi
    - name: Tag and Push Wazuh images
      if: ${{ inputs.push_images }}
      run: |
        IMAGE_TAG="${{ inputs.image_tag }}$( [ "${{ inputs.dev }}" == "true" ] && echo '-dev' || true )"
        IMAGE_NAMES=${{ inputs.products }}
        IFS=',' read -r -a images <<< "$IMAGE_NAMES"
        for image in "${images[@]}"; do
          echo "Tagging and pushing wazuh/$image:${WAZUH_VERSION} to wazuh/$image:$IMAGE_TAG"
          docker tag wazuh/$image:${WAZUH_VERSION} wazuh/$image:$IMAGE_TAG
          echo "Pushing wazuh/$image:$IMAGE_TAG ..."
          docker push wazuh/$image:$IMAGE_TAG
        done
--- a/.github/workflows/push.yml
+++ b/.github/workflows/push.yml
@@ -1,31 +1,343 @@
 name: Wazuh Docker pipeline
-on: [push]
+on: [pull_request]
 jobs:
-  build-stack:
+  build-docker-images:
    runs-on: ubuntu-latest
    steps:
    - name: Check out code
-      uses: actions/checkout@v2
+      uses: actions/checkout@v4
-    - name: Build the docker-compose stack
+    - name: Install docker-compose
-      run: docker-compose -f build-wazuh-images.yml up -d --build
+      run: |
        curl -L "https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
        chmod +x /usr/local/bin/docker-compose
-    - name: Check running containers
+    - name: Build Wazuh images
-      run: docker ps -a
+      run: build-docker-images/build-images.sh
-    - name: Shutdown the stack
+    - name: Create enviroment variables
-      run: docker-compose -f build-wazuh-images.yml kill
+      run: cat .env > $GITHUB_ENV
    - name: Create backup Docker images
      run: |
        mkdir -p /home/runner/work/wazuh-docker/wazuh-docker/docker-images/
        docker save wazuh/wazuh-manager:${{env.WAZUH_IMAGE_VERSION}} -o /home/runner/work/wazuh-docker/wazuh-docker/docker-images/wazuh-manager.tar
        docker save wazuh/wazuh-indexer:${{env.WAZUH_IMAGE_VERSION}} -o /home/runner/work/wazuh-docker/wazuh-docker/docker-images/wazuh-indexer.tar
        docker save wazuh/wazuh-dashboard:${{env.WAZUH_IMAGE_VERSION}} -o /home/runner/work/wazuh-docker/wazuh-docker/docker-images/wazuh-dashboard.tar
    - name: Temporarily save Wazuh manager Docker image
      uses: actions/upload-artifact@v4
      with:
        name: docker-artifact-manager
        path: /home/runner/work/wazuh-docker/wazuh-docker/docker-images/wazuh-manager.tar
        retention-days: 1
    - name: Temporarily save Wazuh indexer Docker image
      uses: actions/upload-artifact@v4
      with:
        name: docker-artifact-indexer
        path: /home/runner/work/wazuh-docker/wazuh-docker/docker-images/wazuh-indexer.tar
        retention-days: 1
    - name: Temporarily save Wazuh dashboard Docker image
      uses: actions/upload-artifact@v4
      with:
        name: docker-artifact-dashboard
        path: /home/runner/work/wazuh-docker/wazuh-docker/docker-images/wazuh-dashboard.tar
        retention-days: 1
    - name: Install Goss
      uses: e1himself/goss-installation-action@v1.0.3
      with:
        version: v0.3.16
-    - name: Execute Goss tests (wazuh-odfe)
+    - name: Execute Goss tests (wazuh-manager)
-      run: dgoss run wazuh/wazuh-manager:4.3.4
+      run: dgoss run wazuh/wazuh-manager:${{env.WAZUH_IMAGE_VERSION}}
      env:
        GOSS_SLEEP: 30
-        GOSS_FILE: .github/.goss.yaml
+        GOSS_FILE: .github/.goss.yaml
  check-single-node:
    runs-on: ubuntu-latest
    needs: build-docker-images
    steps:
    - name: Check out code
      uses: actions/checkout@v4
    - name: Install docker-compose
      run: |
        curl -L "https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
        chmod +x /usr/local/bin/docker-compose
    - name: Create enviroment variables
      run: cat .env > $GITHUB_ENV
    - name: Retrieve saved Wazuh indexer Docker image
      uses: actions/download-artifact@v4
      with:
        name: docker-artifact-indexer
    - name: Retrieve saved Wazuh manager Docker image
      uses: actions/download-artifact@v4
      with:
        name: docker-artifact-manager
    - name: Retrieve saved Wazuh dashboard Docker image
      uses: actions/download-artifact@v4
      with:
        name: docker-artifact-dashboard
    - name: Docker load
      run: |
        docker load --input ./wazuh-indexer.tar
        docker load --input ./wazuh-dashboard.tar
        docker load --input ./wazuh-manager.tar
    - name: Create single node certficates
      run: docker-compose -f single-node/generate-indexer-certs.yml run --rm generator
    - name: Start single node stack
      run: docker-compose -f single-node/docker-compose.yml up -d
    - name: Check Wazuh indexer start
      run: |
       sleep 60
       status_green="`curl -XGET "https://0.0.0.0:9200/_cluster/health" -u admin:SecretPassword -k -s | grep green | wc -l`"
       if [[ $status_green -eq 1 ]]; then
        curl -XGET "https://0.0.0.0:9200/_cluster/health" -u admin:SecretPassword -k -s
       else
        curl -XGET "https://0.0.0.0:9200/_cluster/health" -u admin:SecretPassword -k -s
        exit 1
       fi
       status_index="`curl -XGET "https://0.0.0.0:9200/_cat/indices" -u admin:SecretPassword -k -s | wc -l`"
       status_index_green="`curl -XGET "https://0.0.0.0:9200/_cat/indices" -u admin:SecretPassword -k -s | grep "green" | wc -l`"
       if [[ $status_index_green -eq $status_index ]]; then
        curl -XGET "https://0.0.0.0:9200/_cat/indices" -u admin:SecretPassword -k -s
       else
        curl -XGET "https://0.0.0.0:9200/_cat/indices" -u admin:SecretPassword -k -s
        exit 1
       fi
    - name: Check Wazuh indexer nodes
      run: |
       nodes="`curl -XGET "https://0.0.0.0:9200/_cat/nodes" -u admin:SecretPassword -k -s | grep -E "indexer" | wc -l`"
       if [[ $nodes -eq 1 ]]; then
        echo "Wazuh indexer nodes: ${nodes}"
       else
        echo "Wazuh indexer nodes: ${nodes}"
        exit 1
       fi
    - name: Check documents into wazuh-alerts index
      run: |
       sleep 120
       docs="`curl -XGET "https://0.0.0.0:9200/wazuh-alerts*/_count" -u admin:SecretPassword -k -s | jq -r ".count"`"
       if [[ $docs -gt 0 ]]; then
        echo "wazuh-alerts index documents: ${docs}"
       else
        echo "wazuh-alerts index documents: ${docs}"
        exit 1
       fi
    - name: Check Wazuh templates
      run: |
       qty_templates="`curl -XGET "https://0.0.0.0:9200/_cat/templates" -u admin:SecretPassword -k -s | grep -P "wazuh|wazuh-agent|wazuh-statistics" | wc -l`"
       templates="`curl -XGET "https://0.0.0.0:9200/_cat/templates" -u admin:SecretPassword -k -s | grep -P "wazuh|wazuh-agent|wazuh-statistics"`"
       if [[ $qty_templates -gt 3 ]]; then
        echo "wazuh templates:"
        echo "${templates}"
       else
        echo "wazuh templates:"
        echo "${templates}"
        exit 1
       fi
    - name: Check Wazuh manager start
      run: |
        services="`curl -k -s -X GET "https://0.0.0.0:55000/manager/status?pretty=true" -H  "Authorization: Bearer ${{env.TOKEN}}" | jq -r .data.affected_items | grep running | wc -l`"
        if [[ $services -gt 9 ]]; then
          echo "Wazuh Manager Services: ${services}"
          echo "OK"
        else
          echo "Wazuh indexer nodes: ${nodes}"
          curl -k -X GET "https://0.0.0.0:55000/manager/status?pretty=true" -H  "Authorization: Bearer ${{env.TOKEN}}" | jq -r .data.affected_items
          exit 1
        fi
      env:
        TOKEN: $(curl -s -u wazuh-wui:MyS3cr37P450r.*- -k -X GET "https://0.0.0.0:55000/security/user/authenticate?raw=true")
    - name: Check filebeat output
      run: ./.github/single-node-filebeat-check.sh
    - name: Check Wazuh dashboard service URL
      run: |
       status=$(curl -XGET --silent  https://0.0.0.0:443/app/status -k -u admin:SecretPassword -I -s | grep -E "^HTTP" | awk  '{print $2}')
       if [[ $status -eq 200 ]]; then
        echo "Wazuh dashboard status: ${status}"
       else
        echo "Wazuh dashboard status: ${status}"
        exit 1
       fi
    - name: Check errors in ossec.log
      run: ./.github/single-node-log-check.sh
  check-multi-node:
    runs-on: ubuntu-latest
    needs: build-docker-images
    steps:
    - name: Check out code
      uses: actions/checkout@v4
    - name: Install docker-compose
      run: |
        curl -L "https://github.com/docker/compose/releases/download/1.29.2/docker-compose-$(uname -s)-$(uname -m)" -o /usr/local/bin/docker-compose
        chmod +x /usr/local/bin/docker-compose
    - name: Create enviroment variables
      run: cat .env > $GITHUB_ENV
    - name: free disk space
      run: |
        sudo swapoff -a
        sudo rm -f /swapfile
        sudo apt clean
        docker rmi $(docker image ls -aq)
        df -h
    - name: Retrieve saved Wazuh dashboard Docker image
      uses: actions/download-artifact@v4
      with:
        name: docker-artifact-dashboard
    - name: Retrieve saved Wazuh manager Docker image
      uses: actions/download-artifact@v4
      with:
        name: docker-artifact-manager
    - name: Retrieve saved Wazuh indexer Docker image
      uses: actions/download-artifact@v4
      with:
        name: docker-artifact-indexer
    - name: Docker load
      run: |
        docker load --input ./wazuh-manager.tar
        docker load --input ./wazuh-indexer.tar
        docker load --input ./wazuh-dashboard.tar
        rm -rf wazuh-manager.tar wazuh-indexer.tar wazuh-dashboard.tar
    - name: Create multi node certficates
      run: docker-compose -f multi-node/generate-indexer-certs.yml run --rm generator
    - name: Start multi node stack
      run: docker-compose -f multi-node/docker-compose.yml up -d
    - name: Check Wazuh indexer start
      run: |
       until [[ `curl -XGET "https://0.0.0.0:9200/_cluster/health" -u admin:SecretPassword -k -s | grep green | wc -l`  -eq 1 ]]
       do
         echo 'Waiting for Wazuh indexer start'
         free -m
         df -h
         sleep 120
       done
       status_green="`curl -XGET "https://0.0.0.0:9200/_cluster/health" -u admin:SecretPassword -k -s | grep green | wc -l`"
       if [[ $status_green -eq 1 ]]; then
        curl -XGET "https://0.0.0.0:9200/_cluster/health" -u admin:SecretPassword -k -s
       else
        curl -XGET "https://0.0.0.0:9200/_cluster/health" -u admin:SecretPassword -k -s
        exit 1
       fi
       status_index="`curl -XGET "https://0.0.0.0:9200/_cat/indices" -u admin:SecretPassword -k -s | wc -l`"
       status_index_green="`curl -XGET "https://0.0.0.0:9200/_cat/indices" -u admin:SecretPassword -k -s | grep -E "green" | wc -l`"
       if [[ $status_index_green -eq $status_index ]]; then
        curl -XGET "https://0.0.0.0:9200/_cat/indices" -u admin:SecretPassword -k -s
       else
        curl -XGET "https://0.0.0.0:9200/_cat/indices" -u admin:SecretPassword -k -s
        exit 1
       fi
    - name: Check Wazuh indexer nodes
      run: |
       nodes="`curl -XGET "https://0.0.0.0:9200/_cat/nodes" -u admin:SecretPassword -k -s | grep -E "indexer" | wc -l`"
       if [[ $nodes -eq 3 ]]; then
        echo "Wazuh indexer nodes: ${nodes}"
       else
        echo "Wazuh indexer nodes: ${nodes}"
        exit 1
       fi
    - name: Check documents into wazuh-alerts index
      run: |
       until [[ $(``curl -XGET "https://0.0.0.0:9200/wazuh-alerts*/_count" -u admin:SecretPassword -k -s | jq -r ".count"``)  -gt 0 ]]
       do
         echo 'Waiting for Wazuh indexer events'
         free -m
         df -h
         sleep 10
       done
       docs="`curl -XGET "https://0.0.0.0:9200/wazuh-alerts*/_count" -u admin:SecretPassword -k -s | jq -r ".count"`"
       if [[ $docs -gt 0 ]]; then
        echo "wazuh-alerts index documents: ${docs}"
       else
        echo "wazuh-alerts index documents: ${docs}"
        exit 1
       fi
    - name: Check Wazuh templates
      run: |
       qty_templates="`curl -XGET "https://0.0.0.0:9200/_cat/templates" -u admin:SecretPassword -k -s | grep "wazuh" | wc -l`"
       templates="`curl -XGET "https://0.0.0.0:9200/_cat/templates" -u admin:SecretPassword -k -s | grep "wazuh"`"
       if [[ $qty_templates -gt 3 ]]; then
        echo "wazuh templates:"
        echo "${templates}"
       else
        echo "wazuh templates:"
        echo "${templates}"
        exit 1
       fi
    - name: Check Wazuh manager start
      run: |
        services="`curl -k -s -X GET "https://0.0.0.0:55000/manager/status?pretty=true" -H  "Authorization: Bearer ${{env.TOKEN}}" | jq -r .data.affected_items | grep running | wc -l`"
        if [[ $services -gt 10 ]]; then
          echo "Wazuh Manager Services: ${services}"
          echo "OK"
        else
          echo "Wazuh indexer nodes: ${nodes}"
          curl -k -s -X GET "https://0.0.0.0:55000/manager/status?pretty=true" -H  "Authorization: Bearer ${{env.TOKEN}}" | jq -r .data.affected_items
          exit 1
        fi
        nodes=$(curl -k -s -X GET "https://0.0.0.0:55000/cluster/nodes" -H "Authorization: Bearer ${{env.TOKEN}}" | jq -r ".data.affected_items[].name" | wc -l)
        if [[ $nodes -eq 2 ]]; then
         echo "Wazuh manager nodes: ${nodes}"
        else
         echo "Wazuh manager nodes: ${nodes}"
         exit 1
        fi
      env:
        TOKEN: $(curl -s -u wazuh-wui:MyS3cr37P450r.*- -k -X GET "https://0.0.0.0:55000/security/user/authenticate?raw=true")
    - name: Check filebeat output
      run: ./.github/multi-node-filebeat-check.sh
    - name: Check Wazuh dashboard service URL
      run: |
       status=$(curl -XGET --silent  https://0.0.0.0:443/app/status -k -u admin:SecretPassword -I | grep -E "^HTTP" | awk  '{print $2}')
       if [[ $status -eq 200 ]]; then
        echo "Wazuh dashboard status: ${status}"
       else
        echo "Wazuh dashboard status: ${status}"
        exit 1
       fi
    - name: Check errors in ossec.log
      run: ./.github/multi-node-log-check.sh
--- a/.github/workflows/trivy-dashboard.yml
+++ b/.github/workflows/trivy-dashboard.yml
@@ -0,0 +1,77 @@
 # This workflow uses actions that are not certified by GitHub.
 # They are provided by a third-party and are governed by
 # separate terms of service, privacy policy, and support
 # documentation.
 name: Trivy scan Wazuh dashboard
 on:
  release:
    types:
    - published
  pull_request:
    branches:
      - master
      - stable
  schedule:
    - cron: '34 2 * * 1'
  workflow_dispatch:
 permissions:
  contents: read
 jobs:
  build:
    permissions:
      contents: read # for actions/checkout to fetch code
      security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
    name: Build images and upload Trivy results
    runs-on: "ubuntu-latest"
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
      - name: Installing dependencies
        run: |
          sudo apt-get update
          sudo apt-get install -y jq
      - name: Checkout latest tag
        run: |
          latest=$(curl -s "https://api.github.com/repos/wazuh/wazuh-docker/releases/latest" | jq -r '.tag_name')
          git fetch origin
          git checkout $latest
      - name: Build Wazuh images
        run: build-docker-images/build-images.sh
      - name: Create enviroment variables
        run: |
          cat .env > $GITHUB_ENV
          echo "GITHUB_REF_NAME="${GITHUB_REF_NAME%/*} >> $GITHUB_ENV
      - name: Run Trivy vulnerability scanner for Wazuh dashboard
        uses: aquasecurity/trivy-action@2a2157eb22c08c9a1fac99263430307b8d1bc7a2
        with:
          image-ref: 'wazuh/wazuh-dashboard:${{env.WAZUH_IMAGE_VERSION}}'
          format: 'template'
          template: '@/contrib/sarif.tpl'
          output: 'trivy-results-dashboard.sarif'
          severity: 'LOW,MEDIUM,CRITICAL,HIGH'
      - name: Upload Trivy scan results to GitHub Security tab
        uses: github/codeql-action/upload-sarif@v2
        with:
          sarif_file: 'trivy-results-dashboard.sarif'
      - name: Slack notification
        uses: rtCamp/action-slack-notify@v2
        env:
          SLACK_CHANNEL: cicd-monitoring
          SLACK_COLOR: ${{ job.status }} # or a specific color like 'good' or '#ff00ff'
          #SLACK_ICON: https://github.com/rtCamp.png?size=48
          SLACK_MESSAGE: "Check the results: https://github.com/wazuh/wazuh-docker/security/code-scanning?query=is%3Aopen+branch%3A${{ env.GITHUB_REF_NAME }}"
          SLACK_TITLE: Wazuh docker Trivy vulnerability scan finished.
          SLACK_USERNAME: github_actions
          SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
--- a/.github/workflows/trivy-indexer.yml
+++ b/.github/workflows/trivy-indexer.yml
@@ -0,0 +1,77 @@
 # This workflow uses actions that are not certified by GitHub.
 # They are provided by a third-party and are governed by
 # separate terms of service, privacy policy, and support
 # documentation.
 name: Trivy scan Wazuh indexer
 on:
  release:
    types:
    - published
  pull_request:
    branches:
      - master
      - stable
  schedule:
    - cron: '34 2 * * 1'
  workflow_dispatch:
 permissions:
  contents: read
 jobs:
  build:
    permissions:
      contents: read # for actions/checkout to fetch code
      security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
    name: Build images and upload Trivy results
    runs-on: "ubuntu-latest"
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
      - name: Installing dependencies
        run: |
          sudo apt-get update
          sudo apt-get install -y jq
      - name: Checkout latest tag
        run: |
          latest=$(curl -s "https://api.github.com/repos/wazuh/wazuh-docker/releases/latest" | jq -r '.tag_name')
          git fetch origin
          git checkout $latest
      - name: Build Wazuh images
        run: build-docker-images/build-images.sh
      - name: Create enviroment variables
        run: |
          cat .env > $GITHUB_ENV
          echo "GITHUB_REF_NAME="${GITHUB_REF_NAME%/*} >> $GITHUB_ENV
      - name: Run Trivy vulnerability scanner for Wazuh indexer
        uses: aquasecurity/trivy-action@2a2157eb22c08c9a1fac99263430307b8d1bc7a2
        with:
          image-ref: 'wazuh/wazuh-indexer:${{env.WAZUH_IMAGE_VERSION}}'
          format: 'template'
          template: '@/contrib/sarif.tpl'
          output: 'trivy-results-indexer.sarif'
          severity: 'LOW,MEDIUM,CRITICAL,HIGH'
      - name: Upload Trivy scan results to GitHub Security tab
        uses: github/codeql-action/upload-sarif@v2
        with:
          sarif_file: 'trivy-results-indexer.sarif'
      - name: Slack notification
        uses: rtCamp/action-slack-notify@v2
        env:
          SLACK_CHANNEL: cicd-monitoring
          SLACK_COLOR: ${{ job.status }} # or a specific color like 'good' or '#ff00ff'
          #SLACK_ICON: https://github.com/rtCamp.png?size=48
          SLACK_MESSAGE: "Check the results: https://github.com/wazuh/wazuh-docker/security/code-scanning?query=is%3Aopen+branch%3A${{ env.GITHUB_REF_NAME }}"
          SLACK_TITLE: Wazuh docker Trivy vulnerability scan finished.
          SLACK_USERNAME: github_actions
          SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
--- a/.github/workflows/trivy-manager.yml
+++ b/.github/workflows/trivy-manager.yml
@@ -0,0 +1,77 @@
 # This workflow uses actions that are not certified by GitHub.
 # They are provided by a third-party and are governed by
 # separate terms of service, privacy policy, and support
 # documentation.
 name: Trivy scan Wazuh manager
 on:
  release:
    types:
    - published
  pull_request:
    branches:
      - master
      - stable
  schedule:
    - cron: '34 2 * * 1'
  workflow_dispatch:
 permissions:
  contents: read
 jobs:
  build:
    permissions:
      contents: read # for actions/checkout to fetch code
      security-events: write # for github/codeql-action/upload-sarif to upload SARIF results
    name: Build images and upload Trivy results
    runs-on: "ubuntu-latest"
    steps:
      - name: Checkout code
        uses: actions/checkout@v4
      - name: Installing dependencies
        run: |
          sudo apt-get update
          sudo apt-get install -y jq
      - name: Checkout latest tag
        run: |
          latest=$(curl -s "https://api.github.com/repos/wazuh/wazuh-docker/releases/latest" | jq -r '.tag_name')
          git fetch origin
          git checkout $latest
      - name: Build Wazuh images
        run: build-docker-images/build-images.sh
      - name: Create enviroment variables
        run: |
          cat .env > $GITHUB_ENV
          echo "GITHUB_REF_NAME="${GITHUB_REF_NAME%/*} >> $GITHUB_ENV
      - name: Run Trivy vulnerability scanner for Wazuh manager
        uses: aquasecurity/trivy-action@2a2157eb22c08c9a1fac99263430307b8d1bc7a2
        with:
          image-ref: 'wazuh/wazuh-manager:${{env.WAZUH_IMAGE_VERSION}}'
          format: 'template'
          template: '@/contrib/sarif.tpl'
          output: 'trivy-results-manager.sarif'
          severity: 'LOW,MEDIUM,CRITICAL,HIGH'
      - name: Upload Trivy scan results to GitHub Security tab
        uses: github/codeql-action/upload-sarif@v2
        with:
          sarif_file: 'trivy-results-manager.sarif'
      - name: Slack notification
        uses: rtCamp/action-slack-notify@v2
        env:
          SLACK_CHANNEL: cicd-monitoring
          SLACK_COLOR: ${{ job.status }} # or a specific color like 'good' or '#ff00ff'
          #SLACK_ICON: https://github.com/rtCamp.png?size=48
          SLACK_MESSAGE: "Check the results: https://github.com/wazuh/wazuh-docker/security/code-scanning?query=is%3Aopen+branch%3A${{ env.GITHUB_REF_NAME }}"
          SLACK_TITLE: Wazuh docker Trivy vulnerability scan finished.
          SLACK_USERNAME: github_actions
          SLACK_WEBHOOK: ${{ secrets.SLACK_WEBHOOK }}
--- a/.gitignore
+++ b/.gitignore
@@ -1,4 +1,4 @@
 single-node/config/wazuh_indexer_ssl_certs/*.pem
 single-node/config/wazuh_indexer_ssl_certs/*.key
 multi-node/config/wazuh_indexer_ssl_certs/*.pem
-multi-node/config/wazuh_indexer_ssl_certs/*.key
+multi-node/config/wazuh_indexer_ssl_certs/*.key
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,6 +1,236 @@
 # Change Log
 All notable changes to this project will be documented in this file.
 ## [4.10.2]
 ### Added
 - None
 ### Changed
 - None
 ### Fixed
 - Updated docker/login-action module ([#1837](https://github.com/wazuh/wazuh-docker/pull/1837))
 ### Deleted
 - None
 ## [4.10.1]
 ### Added
 - None
 ### Changed
 - None
 ### Fixed
 - None
 ### Deleted
 - None
 ## [4.10.0]
 ### Added
 - Improve the push docker images workflow ([#1551](https://github.com/wazuh/wazuh-docker/pull/1551))
 - Update the Procedure push docker images workflow file ([#1524](https://github.com/wazuh/wazuh-docker/pull/1524))
 - Add the push_docker_images procedure workflow file ([#1518](https://github.com/wazuh/wazuh-docker/pull/1518))
 ### Changed
 - None
 ### Fixed
 - Add unset capabilities. ([#1619](https://github.com/wazuh/wazuh-docker/pull/1619))
 - Removed references to module enabling because they are now enabled by default. ([#1416](https://github.com/wazuh/wazuh-docker/pull/1416))
 ### Deleted
 - None
 ## [4.9.2]
 ### Added
 - Update Wazuh to version [4.9.2](https://github.com/wazuh/wazuh/blob/v4.9.2/CHANGELOG.md#v492)
 ## [4.9.1]
 ### Added
 - None
 ### Changed
 - None
 ### Fixed
 - Fix typos into Wazuh manager entrypoint ([#1569](https://github.com/wazuh/wazuh-docker/pull/1569))
 ### Deleted
 - None
 ## Wazuh Docker v4.9.0
 ### Added
 - Update Wazuh to version [4.9.0](https://github.com/wazuh/wazuh/blob/v4.9.0/CHANGELOG.md#v490)
 ## Wazuh Docker v4.8.2
 ### Added
 - Update Wazuh to version [4.8.2](https://github.com/wazuh/wazuh/blob/v4.8.2/CHANGELOG.md#v482)
 ## Wazuh Docker v4.8.1
 ### Added
 - Update Wazuh to version [4.8.1](https://github.com/wazuh/wazuh/blob/v4.8.1/CHANGELOG.md#v481)
 ## Wazuh Docker v4.8.0
 ### Added
 - Update Wazuh to version [4.8.0](https://github.com/wazuh/wazuh/blob/v4.8.0/CHANGELOG.md#v480)
 ## Wazuh Docker v4.7.5
 ### Added
 - Update Wazuh to version [4.7.5](https://github.com/wazuh/wazuh/blob/v4.7.5/CHANGELOG.md#v475)
 ## Wazuh Docker v4.7.4
 ### Added
 - Update Wazuh to version [4.7.4](https://github.com/wazuh/wazuh/blob/v4.7.4/CHANGELOG.md#v474)
 ## Wazuh Docker v4.7.3
 ### Added
 - Update Wazuh to version [4.7.3](https://github.com/wazuh/wazuh/blob/v4.7.3/CHANGELOG.md#v473)
 ## Wazuh Docker v4.7.2
 ### Added
 - Update Wazuh to version [4.7.2](https://github.com/wazuh/wazuh/blob/v4.7.2/CHANGELOG.md#v472)
 ## Wazuh Docker v4.7.1
 ### Added
 - Update Wazuh to version [4.7.1](https://github.com/wazuh/wazuh/blob/v4.7.1/CHANGELOG.md#v471)
 ## Wazuh Docker v4.7.0
 ### Added
 - Update Wazuh to version [4.7.0](https://github.com/wazuh/wazuh/blob/v4.7.0/CHANGELOG.md#v470)
 ## Wazuh Docker v4.6.0
 ### Added
 - Update Wazuh to version [4.6.0](https://github.com/wazuh/wazuh/blob/v4.6.0/CHANGELOG.md#v460)
 ## Wazuh Docker v4.5.4
 ### Added
 - Update Wazuh to version [4.5.4](https://github.com/wazuh/wazuh/blob/v4.5.4/CHANGELOG.md#v454)
 ## Wazuh Docker v4.5.3
 ### Added
 - Update Wazuh to version [4.5.3](https://github.com/wazuh/wazuh/blob/v4.5.3/CHANGELOG.md#v453)
 ## Wazuh Docker v4.5.2
 ### Added
 - Update Wazuh to version [4.5.2](https://github.com/wazuh/wazuh/blob/v4.5.2/CHANGELOG.md#v452)
 ## Wazuh Docker v4.5.1
 ### Added
 - Update Wazuh to version [4.5.1](https://github.com/wazuh/wazuh/blob/v4.5.1/CHANGELOG.md#v451)
 ## Wazuh Docker v4.5.0
 ### Added
 - Update Wazuh to version [4.5.0](https://github.com/wazuh/wazuh/blob/v4.5.0/CHANGELOG.md#v450)
 ## Wazuh Docker v4.4.5
 ### Added
 - Update Wazuh to version [4.4.5](https://github.com/wazuh/wazuh/blob/v4.4.5/CHANGELOG.md#v445)
 ## Wazuh Docker v4.4.4
 ### Added
 - Update Wazuh to version [4.4.4](https://github.com/wazuh/wazuh/blob/v4.4.4/CHANGELOG.md#v444)
 ## Wazuh Docker v4.4.3
 ### Added
 - Update Wazuh to version [4.4.3](https://github.com/wazuh/wazuh/blob/v4.4.3/CHANGELOG.md#v443)
 ## Wazuh Docker v4.4.2
 ### Added
 - Update Wazuh to version [4.4.2](https://github.com/wazuh/wazuh/blob/v4.4.2/CHANGELOG.md#v442)
 ## Wazuh Docker v4.4.1
 ### Added
 - Update Wazuh to version [4.4.1](https://github.com/wazuh/wazuh/blob/v4.4.1/CHANGELOG.md#v441)
 ## Wazuh Docker v4.4.0
 ### Added
 - Update Wazuh to version [4.4.0](https://github.com/wazuh/wazuh/blob/v4.4.0/CHANGELOG.md#v440)
 ## Wazuh Docker v4.3.11
 ### Added
 - Update Wazuh to version [4.3.11](https://github.com/wazuh/wazuh/blob/v4.3.11/CHANGELOG.md#v4311)
 ## Wazuh Docker v4.3.10
 ### Added
 - Update Wazuh to version [4.3.10](https://github.com/wazuh/wazuh/blob/v4.3.10/CHANGELOG.md#v4310)
 ## Wazuh Docker v4.3.9
 ### Added
 - Update Wazuh to version [4.3.9](https://github.com/wazuh/wazuh/blob/v4.3.9/CHANGELOG.md#v439)
 ## Wazuh Docker v4.3.8
 ### Added
 - Update Wazuh to version [4.3.8](https://github.com/wazuh/wazuh/blob/v4.3.8/CHANGELOG.md#v438)
 ## Wazuh Docker v4.3.7
 ### Added
 - Update Wazuh to version [4.3.7](https://github.com/wazuh/wazuh/blob/v4.3.7/CHANGELOG.md#v437)
 ## Wazuh Docker v4.3.6
 ### Added
 - Update Wazuh to version [4.3.6](https://github.com/wazuh/wazuh/blob/v4.3.6/CHANGELOG.md#v436)
 ## Wazuh Docker v4.3.5
 ### Added
 - Update Wazuh to version [4.3.5](https://github.com/wazuh/wazuh/blob/v4.3.5/CHANGELOG.md#v435)
 ## Wazuh Docker v4.3.4
 ### Added
--- a/README.md
+++ b/README.md
@@ -8,19 +8,19 @@
 In this repository you will find the containers to run:
 * Wazuh manager: it runs the Wazuh manager, Wazuh API and Filebeat OSS
-* Wazuh dashboard: provides a web user interface to browse through alerts data and allows you to visualize agents configuration and status.
+* Wazuh dashboard: provides a web user interface to browse through alert data and allows you to visualize the agents configuration and status.
 * Wazuh indexer: Wazuh indexer container (working as a single-node cluster or as a multi-node cluster). **Be aware to increase the `vm.max_map_count` setting, as it's detailed in the [Wazuh documentation](https://documentation.wazuh.com/current/docker/wazuh-container.html#increase-max-map-count-on-your-host-linux).**
 The folder `build-docker-images` contains a README explaining how to build the Wazuh images and the necessary assets.
 The folder `indexer-certs-creator` contains a README explaining how to create the certificates creator tool and the necessary assets.
 The folder `single-node` contains a README explaining how to run a Wazuh environment with one Wazuh manager, one Wazuh indexer, and one Wazuh dashboard.
-The folder `multi-node` contains a README explaining how to run a Wazuh environment with two Wazuh managers, three Wazuh indexer, and one Wazuh dashboard.
+The folder `multi-node` contains a README explaining how to run a Wazuh environment with two Wazuh managers, three Wazuh indexers, and one Wazuh dashboard.
 ## Documentation
 * [Wazuh full documentation](http://documentation.wazuh.com)
 * [Wazuh documentation for Docker](https://documentation.wazuh.com/current/docker/index.html)
-* [Docker hub](https://hub.docker.com/u/wazuh)
+* [Docker Hub](https://hub.docker.com/u/wazuh)
 ### Setup SSL certificate
@@ -36,13 +36,13 @@ Default values are included when available.
 ### Wazuh
 ```
-API_USERNAME="wazuh"                                # Wazuh API username
+API_USERNAME="wazuh-wui"                            # Wazuh API username
-API_PASSWORD="wazuh"                                # Wazuh API password - Must comply with requirements
+API_PASSWORD="MyS3cr37P450r.*-"                     # Wazuh API password - Must comply with requirements
-                                                    # (8+ length, uppercase, lowercase, specials chars)
+                                                    # (8+ length, uppercase, lowercase, special chars)
 INDEXER_URL=https://wazuh.indexer:9200              # Wazuh indexer URL
 INDEXER_USERNAME=admin                              # Wazuh indexer Username
-INDEXER_PASSWORD=admin                              # Wazuh indexer Password
+INDEXER_PASSWORD=SecretPassword                     # Wazuh indexer Password
 FILEBEAT_SSL_VERIFICATION_MODE=full                 # Filebeat SSL Verification mode (full or none)
 SSL_CERTIFICATE_AUTHORITIES=""                      # Path of Filebeat SSL CA
 SSL_CERTIFICATE=""                                  # Path of Filebeat SSL Certificate
@@ -53,52 +53,45 @@ SSL_KEY=""                                          # Path of Filebeat SSL Key
 ```
 PATTERN="wazuh-alerts-*"        # Default index pattern to use
-CHECKS_PATTERN=true             # Defines which checks must to be consider by the healthcheck
+CHECKS_PATTERN=true             # Defines which checks must be considered by the healthcheck
-CHECKS_TEMPLATE=true            # step once the Wazuh app starts. Values must to be true or false
+CHECKS_TEMPLATE=true            # step once the Wazuh app starts. Values must be true or false
 CHECKS_API=true
 CHECKS_SETUP=true
 EXTENSIONS_PCI=true             # Enable PCI Extension
 EXTENSIONS_GDPR=true            # Enable GDPR Extension
 EXTENSIONS_HIPAA=true           # Enable HIPAA Extension
 EXTENSIONS_NIST=true            # Enable NIST Extension
 EXTENSIONS_TSC=true             # Enable TSC Extension
 EXTENSIONS_AUDIT=true           # Enable Audit Extension
 EXTENSIONS_OSCAP=false          # Enable OpenSCAP Extension
 EXTENSIONS_CISCAT=false         # Enable CISCAT Extension
 EXTENSIONS_AWS=false            # Enable AWS Extension
 EXTENSIONS_GCP=false            # Enable GCP Extension
 EXTENSIONS_VIRUSTOTAL=false     # Enable Virustotal Extension
 EXTENSIONS_OSQUERY=false        # Enable OSQuery Extension
 EXTENSIONS_DOCKER=false         # Enable Docker Extension
 APP_TIMEOUT=20000               # Defines maximum timeout to be used on the Wazuh app requests
 API_SELECTOR=true               Defines if the user is allowed to change the selected API directly from the Wazuh app top menu
 IP_SELECTOR=true                # Defines if the user is allowed to change the selected index pattern directly from the Wazuh app top menu
 IP_IGNORE="[]"                  # List of index patterns to be ignored
 DASHBOARD_USERNAME=kibanaserver     # Custom user saved in the dashboard keystore
 DASHBOARD_PASSWORD=kibanaserver     # Custom password saved in the dashboard keystore
 WAZUH_MONITORING_ENABLED=true       # Custom settings to enable/disable wazuh-monitoring indices
 WAZUH_MONITORING_FREQUENCY=900      # Custom setting to set the frequency for wazuh-monitoring indices cron task
 WAZUH_MONITORING_SHARDS=2           # Configure wazuh-monitoring-* indices shards and replicas
-WAZUH_MONITORING_REPLICAS=0         #
+WAZUH_MONITORING_REPLICAS=0         ##
 ```
 ## Directory structure
    ├── build-docker-images
-    │   ├── docker-compose.yml
+    │   ├── build-images.sh
    │   ├── build-images.yml
    │   ├── README.md
    │   ├── wazuh-dashboard
    │   │   ├── config
    │   │   │   ├── config.sh
    │   │   │   ├── config.yml
    │   │   │   ├── dl_base.sh
    │   │   │   ├── entrypoint.sh
    │   │   │   ├── install_wazuh_app.sh
    │   │   │   ├── opensearch_dashboards.yml
    │   │   │   ├── wazuh_app_config.sh
    │   │   │   └── wazuh.yml
    │   │   └── Dockerfile
    │   ├── wazuh-indexer
    │   │   ├── config
    │   │   │   ├── action_groups.yml
    │   │   │   ├── config.sh
    │   │   │   ├── config.yml
    │   │   │   ├── entrypoint.sh
@@ -110,6 +103,7 @@ WAZUH_MONITORING_REPLICAS=0         #
    │   │   └── Dockerfile
    │   └── wazuh-manager
    │       ├── config
    │       │   ├── check_repository.sh
    │       │   ├── create_user.py
    │       │   ├── etc
    │       │   │   ├── cont-init.d
@@ -122,19 +116,21 @@ WAZUH_MONITORING_REPLICAS=0         #
    │       │   │       │   └── run
    │       │   │       └── ossec-logs
    │       │   │           └── run
    │       │   ├── filebeat_module.sh
    │       │   ├── filebeat.yml
    │       │   ├── permanent_data.env
-    │       │   ├── permanent_data.sh
+    │       │   └── permanent_data.sh
    │       │   └── wazuh.repo
    │       └── Dockerfile
    ├── CHANGELOG.md
    ├── indexer-certs-creator
    │   ├── config
    │   │   └── entrypoint.sh
-    │   └── Dockerfile
+    │   ├── Dockerfile
    │   └── README.md
    ├── LICENSE
    ├── multi-node
    │   ├── config
    │   │   ├── certs.yml
    │   │   ├── nginx
    │   │   │   └── nginx.conf
    │   │   ├── wazuh_cluster
@@ -143,40 +139,29 @@ WAZUH_MONITORING_REPLICAS=0         #
    │   │   ├── wazuh_dashboard
    │   │   │   ├── opensearch_dashboards.yml
    │   │   │   └── wazuh.yml
-    │   │   ├── wazuh_indexer
+    │   │   └── wazuh_indexer
-    │   │   │   ├── internal_users.yml
+    │   │       ├── internal_users.yml
-    │   │   │   ├── wazuh1.indexer.yml
+    │   │       ├── wazuh1.indexer.yml
-    │   │   │   ├── wazuh2.indexer.yml
+    │   │       ├── wazuh2.indexer.yml
-    │   │   │   └── wazuh3.indexer.yml
+    │   │       └── wazuh3.indexer.yml
    │   │   └── wazuh_indexer_ssl_certs
    │   │       └── certs.yml
    │   ├── docker-compose.yml
    │   ├── generate-indexer-certs.yml
-    │   ├── Migration-to-Wazuh-4.3.md
+    │   ├── Migration-to-Wazuh-4.4.md
    │   ├── README.md
    │   └── volume-migrator.sh
    ├── README.md
    ├── SECURITY.md
    ├── single-node
    │   ├── config
    │   │   ├── certs.yml
    │   │   ├── wazuh_cluster
    │   │   │   └── wazuh_manager.conf
    │   │   ├── wazuh_dashboard
    │   │   │   ├── opensearch_dashboards.yml
    │   │   │   └── wazuh.yml
-    │   │   ├── wazuh_indexer
+    │   │   └── wazuh_indexer
-    │   │   │   ├── internal_users.yml
+    │   │       ├── internal_users.yml
-    │   │   │   └── wazuh.indexer.yml
+    │   │       └── wazuh.indexer.yml
    │   │   └── wazuh_indexer_ssl_certs
    │   │       ├── admin-key.pem
    │   │       ├── admin.pem
    │   │       ├── certs.yml
    │   │       ├── root-ca.key
    │   │       ├── root-ca.pem
    │   │       ├── wazuh.dashboard-key.pem
    │   │       ├── wazuh.dashboard.pem
    │   │       ├── wazuh.indexer-key.pem
    │   │       ├── wazuh.indexer.pem
    │   │       ├── wazuh.manager-key.pem
    │   │       └── wazuh.manager.pem
    │   ├── docker-compose.yml
    │   ├── generate-indexer-certs.yml
    │   └── README.md
@@ -187,12 +172,46 @@ WAZUH_MONITORING_REPLICAS=0         #
 ## Branches
 * `master` branch contains the latest code, be aware of possible bugs on this branch.
-* `stable` branch on correspond to the last Wazuh stable version.
+* `stable` branch corresponds to the last Wazuh stable version.
 ## Compatibility Matrix
 | Wazuh version | ODFE    | XPACK  |
 |---------------|---------|--------|
 | v4.10.2       |         |        |
 | v4.10.1       |         |        |
 | v4.10.0       |         |        |
 | v4.9.2        |         |        |
 | v4.9.1        |         |        |
 | v4.9.0        |         |        |
 | v4.8.2        |         |        |
 | v4.8.1        |         |        |
 | v4.8.0        |         |        |
 | v4.7.5        |         |        |
 | v4.7.4        |         |        |
 | v4.7.3        |         |        |
 | v4.7.2        |         |        |
 | v4.7.1        |         |        |
 | v4.7.0        |         |        |
 | v4.6.0        |         |        |
 | v4.5.4        |         |        |
 | v4.5.3        |         |        |
 | v4.5.2        |         |        |
 | v4.5.1        |         |        |
 | v4.5.0        |         |        |
 | v4.4.5        |         |        |
 | v4.4.4        |         |        |
 | v4.4.3        |         |        |
 | v4.4.2        |         |        |
 | v4.4.1        |         |        |
 | v4.4.0        |         |        |
 | v4.3.11       |         |        |
 | v4.3.10       |         |        |
 | v4.3.9        |         |        |
 | v4.3.8        |         |        |
 | v4.3.7        |         |        |
 | v4.3.6        |         |        |
 | v4.3.5        |         |        |
 | v4.3.4        |         |        |
 | v4.3.3        |         |        |
 | v4.3.2        |         |        |
@@ -225,7 +244,7 @@ These Docker containers are based on:
 *  "deviantony" dockerfiles which can be found at [https://github.com/deviantony/docker-elk](https://github.com/deviantony/docker-elk)
 *  "xetus-oss" dockerfiles, which can be found at [https://github.com/xetus-oss/docker-ossec-server](https://github.com/xetus-oss/docker-ossec-server)
-We thank you them and everyone else who has contributed to this project.
+We thank them and everyone else who has contributed to this project.
 ## License and copyright
--- a/SECURITY.md
+++ b/SECURITY.md
@@ -0,0 +1,45 @@
 # Wazuh Open Source Project Security Policy
 Version: 2023-06-12
 ## Introduction
 This document outlines the Security Policy for Wazuh's open source projects. It emphasizes our commitment to maintain a secure environment for our users and contributors, and reflects our belief in the power of collaboration to identify and resolve security vulnerabilities.
 ## Scope
 This policy applies to all open source projects developed, maintained, or hosted by Wazuh.
 ## Reporting Security Vulnerabilities
 If you believe you've discovered a potential security vulnerability in one of our open source projects, we strongly encourage you to report it to us responsibly.
 Please submit your findings as security advisories under the "Security" tab in the relevant GitHub repository. Alternatively, you may send the details of your findings to [security@wazuh.com](mailto:security@wazuh.com).
 ## Vulnerability Disclosure Policy
 Upon receiving a report of a potential vulnerability, our team will initiate an investigation. If the reported issue is confirmed as a vulnerability, we will take the following steps:
 1. Acknowledgment: We will acknowledge the receipt of your vulnerability report and begin our investigation.
 2. Validation: We will validate the issue and work on reproducing it in our environment.
 3. Remediation: We will work on a fix and thoroughly test it
 4. Release & Disclosure: After 90 days from the discovery of the vulnerability, or as soon as a fix is ready and thoroughly tested (whichever comes first), we will release a security update for the affected project. We will also publicly disclose the vulnerability by publishing a CVE (Common Vulnerabilities and Exposures) and acknowledging the discovering party.
 5. Exceptions: In order to preserve the security of the Wazuh community at large, we might extend the disclosure period to allow users to patch their deployments.
 This 90-day period allows for end-users to update their systems and minimizes the risk of widespread exploitation of the vulnerability.
 ## Automatic Scanning
 We leverage GitHub Actions to perform automated scans of our supply chain. These scans assist us in identifying vulnerabilities and outdated dependencies in a proactive and timely manner.
 ## Credit
 We believe in giving credit where credit is due. If you report a security vulnerability to us, and we determine that it is a valid vulnerability, we will publicly credit you for the discovery when we disclose the vulnerability. If you wish to remain anonymous, please indicate so in your initial report.
 We do appreciate and encourage feedback from our community, but currently we do not have a bounty program. We might start bounty programs in the future.
 ## Compliance with this Policy
 We consider the discovery and reporting of security vulnerabilities an important public service. We encourage responsible reporting of any vulnerabilities that may be found in our site or applications.
 Furthermore, we will not take legal action against or suspend or terminate access to the site or services of those who discover and report security vulnerabilities in accordance with this policy because of the fact.
 We ask that all users and contributors respect this policy and the security of our community's users by disclosing vulnerabilities to us in accordance with this policy.
 ## Changes to this Security Policy
 This policy may be revised from time to time. Each version of the policy will be identified at the top of the page by its effective date.
 If you have any questions about this Security Policy, please contact us at [security@wazuh.com](mailto:security@wazuh.com)
--- a/4
+++ b/4
@@ -1,2 +1,2 @@
-WAZUH-DOCKER_VERSION="4.3.4"
+WAZUH-DOCKER_VERSION="4.10.2"
-REVISION="40316"
+REVISION="41021"
--- a/build-docker-images/README.md
+++ b/build-docker-images/README.md
@@ -1,7 +1,32 @@
 # Wazuh Docker Image Builder
-This stack allows you to build the Wazuh manager, indexer, and dashboard images locally by running the command:
+The creation of the images for the Wazuh stack deployment in Docker is done with the build-images.yml script
 To execute the process, the following must be executed in the root of the wazuh-docker repository:
 ```
-$ docker-compose build
+$ build-docker-images/build-images.sh
 ```
 This script initializes the environment variables needed to build each of the images.
 The script allows you to build images from other versions of Wazuh, to do this you must use the -v or --version argument:
 ```
 $ build-docker-images/build-images.sh -v 4.10.2
 ```
 To get all the available script options use the -h or --help option:
 ```
 $ build-docker-images/build-images.sh -h
 Usage: build-docker-images/build-images.sh [OPTIONS]
    -d, --dev <ref>              [Optional] Set the development stage you want to build, example rc1 or beta1, not used by default.
    -f, --filebeat-module <ref>  [Optional] Set Filebeat module version. By default 0.4.
    -r, --revision <rev>         [Optional] Package revision. By default 1
    -v, --version <ver>          [Optional] Set the Wazuh version should be builded. By default, 4.10.2.
    -h, --help                   Show this help.
 ```
--- a/build-docker-images/build-images.sh
+++ b/build-docker-images/build-images.sh
@@ -0,0 +1,144 @@
 WAZUH_IMAGE_VERSION=4.10.2
 WAZUH_VERSION=$(echo $WAZUH_IMAGE_VERSION | sed -e 's/\.//g')
 WAZUH_TAG_REVISION=1
 WAZUH_CURRENT_VERSION=$(curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '["]tag_name["]:' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 2- | sed -e 's/\.//g')
 IMAGE_VERSION=${WAZUH_IMAGE_VERSION}
 # Wazuh package generator
 # Copyright (C) 2023, Wazuh Inc.
 #
 # This program is a free software; you can redistribute it
 # and/or modify it under the terms of the GNU General Public
 # License (version 2) as published by the FSF - Free Software
 # Foundation.
 WAZUH_IMAGE_VERSION="4.10.2"
 WAZUH_TAG_REVISION="1"
 WAZUH_DEV_STAGE=""
 FILEBEAT_MODULE_VERSION="0.4"
 # -----------------------------------------------------------------------------
 trap ctrl_c INT
 clean() {
    exit_code=$1
    exit ${exit_code}
 }
 ctrl_c() {
    clean 1
 }
 # -----------------------------------------------------------------------------
 build() {
    WAZUH_VERSION="$(echo $WAZUH_IMAGE_VERSION | sed -e 's/\.//g')"
    FILEBEAT_TEMPLATE_BRANCH="${WAZUH_IMAGE_VERSION}"
    WAZUH_FILEBEAT_MODULE="wazuh-filebeat-${FILEBEAT_MODULE_VERSION}.tar.gz"
    WAZUH_UI_REVISION="${WAZUH_TAG_REVISION}"
    if  [ "${WAZUH_DEV_STAGE}" ];then
        FILEBEAT_TEMPLATE_BRANCH="v${FILEBEAT_TEMPLATE_BRANCH}-${WAZUH_DEV_STAGE,,}"
        if ! curl --output /dev/null --silent --head --fail "https://github.com/wazuh/wazuh/tree/${FILEBEAT_TEMPLATE_BRANCH}"; then
            echo "The indicated branch does not exist in the wazuh/wazuh repository: ${FILEBEAT_TEMPLATE_BRANCH}"
            clean 1
        fi
    else
        if curl --output /dev/null --silent --head --fail "https://github.com/wazuh/wazuh/tree/v${FILEBEAT_TEMPLATE_BRANCH}"; then
            FILEBEAT_TEMPLATE_BRANCH="v${FILEBEAT_TEMPLATE_BRANCH}"
        elif curl --output /dev/null --silent --head --fail "https://github.com/wazuh/wazuh/tree/${FILEBEAT_TEMPLATE_BRANCH}"; then
            FILEBEAT_TEMPLATE_BRANCH="${FILEBEAT_TEMPLATE_BRANCH}"
        else
            WAZUH_MASTER_VERSION="$(curl -s https://raw.githubusercontent.com/wazuh/wazuh/master/src/VERSION | sed -e 's/v//g')"
            if [ "${FILEBEAT_TEMPLATE_BRANCH}" == "${WAZUH_MASTER_VERSION}" ]; then
                FILEBEAT_TEMPLATE_BRANCH="master"
            else
                echo "The indicated branch does not exist in the wazuh/wazuh repository: ${FILEBEAT_TEMPLATE_BRANCH}"
                clean 1
            fi
        fi
    fi
    echo WAZUH_VERSION=$WAZUH_IMAGE_VERSION > .env
    echo WAZUH_IMAGE_VERSION=$WAZUH_IMAGE_VERSION >> .env
    echo WAZUH_TAG_REVISION=$WAZUH_TAG_REVISION >> .env
    echo FILEBEAT_TEMPLATE_BRANCH=$FILEBEAT_TEMPLATE_BRANCH >> .env
    echo WAZUH_FILEBEAT_MODULE=$WAZUH_FILEBEAT_MODULE >> .env
    echo WAZUH_UI_REVISION=$WAZUH_UI_REVISION >> .env
    docker-compose -f build-docker-images/build-images.yml --env-file .env build --no-cache || clean 1
    return 0
 }
 # -----------------------------------------------------------------------------
 help() {
    echo
    echo "Usage: $0 [OPTIONS]"
    echo
    echo "    -d, --dev <ref>              [Optional] Set the development stage you want to build, example rc1 or beta1, not used by default."
    echo "    -f, --filebeat-module <ref>  [Optional] Set Filebeat module version. By default ${FILEBEAT_MODULE_VERSION}."
    echo "    -r, --revision <rev>         [Optional] Package revision. By default ${WAZUH_TAG_REVISION}"
    echo "    -v, --version <ver>          [Optional] Set the Wazuh version should be builded. By default, ${WAZUH_IMAGE_VERSION}."
    echo "    -h, --help                   Show this help."
    echo
    exit $1
 }
 # -----------------------------------------------------------------------------
 main() {
    while [ -n "${1}" ]
    do
        case "${1}" in
        "-h"|"--help")
            help 0
            ;;
        "-d"|"--dev")
            if [ -n "${2}" ]; then
                WAZUH_DEV_STAGE="${2}"
                shift 2
            else
                help 1
            fi
            ;;
        "-f"|"--filebeat-module")
            if [ -n "${2}" ]; then
                FILEBEAT_MODULE_VERSION="${2}"
                shift 2
            else
                help 1
            fi
            ;;
        "-r"|"--revision")
            if [ -n "${2}" ]; then
                WAZUH_TAG_REVISION="${2}"
                shift 2
            else
                help 1
            fi
            ;;
        "-v"|"--version")
            if [ -n "$2" ]; then
                WAZUH_IMAGE_VERSION="$2"
                shift 2
            else
                help 1
            fi
            ;;
        *)
            help 1
        esac
    done
    build || clean 1
    clean 0
 }
 main "$@"
--- a/build-docker-images/docker-compose.yml
+++ b/build-docker-images/docker-compose.yml
@@ -3,8 +3,14 @@ version: '3.7'
 services:
  wazuh.manager:
-    build:  wazuh-manager/
+    build:
-    image: wazuh/wazuh-manager:4.3.4
+      context: wazuh-manager/
      args:
        WAZUH_VERSION: ${WAZUH_VERSION}
        WAZUH_TAG_REVISION: ${WAZUH_TAG_REVISION}
        FILEBEAT_TEMPLATE_BRANCH: ${FILEBEAT_TEMPLATE_BRANCH}
        WAZUH_FILEBEAT_MODULE: ${WAZUH_FILEBEAT_MODULE}
    image: wazuh/wazuh-manager:${WAZUH_IMAGE_VERSION}
    hostname: wazuh.manager
    restart: always
    ports:
@@ -31,8 +37,12 @@ services:
      - filebeat_var:/var/lib/filebeat
  wazuh.indexer:
-    build: wazuh-indexer/
+    build:
-    image: wazuh/wazuh-indexer:4.3.4
+      context: wazuh-indexer/
      args:
        WAZUH_VERSION: ${WAZUH_VERSION}
        WAZUH_TAG_REVISION: ${WAZUH_TAG_REVISION}
    image: wazuh/wazuh-indexer:${WAZUH_IMAGE_VERSION}
    hostname: wazuh.indexer
    restart: always
    ports:
@@ -48,8 +58,13 @@ services:
        hard: 65536
  wazuh.dashboard:
-    build: wazuh-dashboard/
+    build:
-    image: wazuh/wazuh-dashboard:4.3.4
+      context: wazuh-dashboard/
      args:
        WAZUH_VERSION: ${WAZUH_VERSION}
        WAZUH_TAG_REVISION: ${WAZUH_TAG_REVISION}
        WAZUH_UI_REVISION: ${WAZUH_UI_REVISION}
    image: wazuh/wazuh-dashboard:${WAZUH_IMAGE_VERSION}
    hostname: wazuh.dashboard
    restart: always
    ports:
--- a/build-docker-images/wazuh-dashboard/Dockerfile
+++ b/build-docker-images/wazuh-dashboard/Dockerfile
@@ -1,38 +1,34 @@
 # Wazuh Docker Copyright (C) 2017, Wazuh Inc. (License GPLv2)
-FROM ubuntu:focal AS builder
+FROM amazonlinux:2023 AS builder
-ARG WAZUH_VERSION=4.3.4
+ARG WAZUH_VERSION
-ARG WAZUH_UI_REVISION=1
+ARG WAZUH_TAG_REVISION
 ARG WAZUH_UI_REVISION
 ARG INSTALL_DIR=/usr/share/wazuh-dashboard
 # Update and install dependencies
-RUN apt-get update && apt install curl libcap2-bin xz-utils -y
+RUN yum install curl-minimal libcap openssl -y
-# Create Install dir
+COPY config/check_repository.sh /
-RUN mkdir -p $INSTALL_DIR
+RUN chmod 775 /check_repository.sh && \
    source /check_repository.sh
-# Download and extract Wazuh dashboard base
+RUN yum install wazuh-dashboard-${WAZUH_VERSION}-${WAZUH_TAG_REVISION} -y && \
-RUN curl -o wazuh-dashboard-base.tar.xz https://packages.wazuh.com/stack/dashboard/base/wazuh-dashboard-base-${WAZUH_VERSION}-linux-x64.tar.xz && \
+    yum clean all
-    tar -xf wazuh-dashboard-base.tar.xz --directory  $INSTALL_DIR --strip-components=1
+
 # Create and set permissions to data directories
 RUN mkdir -p $INSTALL_DIR/data/wazuh && chmod -R 775 $INSTALL_DIR/data/wazuh
 RUN mkdir -p $INSTALL_DIR/data/wazuh/config && chmod -R 775 $INSTALL_DIR/data/wazuh/config
 RUN mkdir -p $INSTALL_DIR/data/wazuh/logs && chmod -R 775 $INSTALL_DIR/data/wazuh/logs
 COPY config/wazuh.yml $INSTALL_DIR/data/wazuh/config/
 RUN setcap 'cap_net_bind_service=-ep' /usr/share/wazuh-dashboard/node/bin/node
 RUN setcap 'cap_net_bind_service=-ep' /usr/share/wazuh-dashboard/node/fallback/bin/node
 # Generate certificates
 COPY config/config.sh .
 COPY config/config.yml /
 RUN bash config.sh
 # Install Wazuh App
 RUN $INSTALL_DIR/bin/opensearch-dashboards-plugin install https://packages.wazuh.com/4.x/ui/dashboard/wazuh-${WAZUH_VERSION}-${WAZUH_UI_REVISION}.zip --allow-root
 # Copy and set permissions to config files
 COPY config/opensearch_dashboards.yml $INSTALL_DIR/config/
 COPY config/wazuh.yml $INSTALL_DIR/data/wazuh/config/
 RUN chown 101:101 $INSTALL_DIR/config/opensearch_dashboards.yml && chmod 664 $INSTALL_DIR/config/opensearch_dashboards.yml
 # Create and set permissions to data directories
 RUN mkdir -p $INSTALL_DIR/data/wazuh && chown -R 101:101 $INSTALL_DIR/data/wazuh && chmod -R 775 $INSTALL_DIR/data/wazuh
 RUN mkdir -p $INSTALL_DIR/data/wazuh/config && chown -R 101:101 $INSTALL_DIR/data/wazuh/config && chmod -R 775 $INSTALL_DIR/data/wazuh/config
 RUN mkdir -p $INSTALL_DIR/data/wazuh/logs && chown -R 101:101 $INSTALL_DIR/data/wazuh/logs && chmod -R 775 $INSTALL_DIR/data/wazuh/logs
 ################################################################################
 # Build stage 1 (the current Wazuh dashboard image):
 #
@@ -40,7 +36,7 @@ RUN mkdir -p $INSTALL_DIR/data/wazuh/logs && chown -R 101:101 $INSTALL_DIR/data/
 # Add entrypoint
 # Add wazuh_app_config
 ################################################################################
-FROM ubuntu:focal
+FROM amazonlinux:2023
 # Set environment variables
 ENV USER="wazuh-dashboard" \
@@ -54,19 +50,6 @@ ENV PATTERN="" \
    CHECKS_TEMPLATE="" \
    CHECKS_API="" \
    CHECKS_SETUP="" \
    EXTENSIONS_PCI="" \
    EXTENSIONS_GDPR="" \
    EXTENSIONS_HIPAA="" \
    EXTENSIONS_NIST="" \
    EXTENSIONS_TSC="" \
    EXTENSIONS_AUDIT="" \
    EXTENSIONS_OSCAP="" \
    EXTENSIONS_CISCAT="" \
    EXTENSIONS_AWS="" \
    EXTENSIONS_GCP="" \
    EXTENSIONS_VIRUSTOTAL="" \
    EXTENSIONS_OSQUERY="" \
    EXTENSIONS_DOCKER="" \
    APP_TIMEOUT="" \
    API_SELECTOR="" \
    IP_SELECTOR="" \
@@ -76,8 +59,8 @@ ENV PATTERN="" \
    WAZUH_MONITORING_SHARDS="" \
    WAZUH_MONITORING_REPLICAS=""
-# Install dependencies
+# Update and install dependencies
-RUN apt update && apt install -y libnss3-dev fonts-liberation libfontconfig1
+RUN yum install shadow-utils -y
 # Create wazuh-dashboard user and group
 RUN getent group $GROUP || groupadd -r -g 1000 $GROUP
@@ -100,6 +83,10 @@ RUN chown 1000:1000 /*.sh
 # Copy Install dir from builder to current image
 COPY --from=builder --chown=1000:1000 $INSTALL_DIR $INSTALL_DIR
 # Create custom directory
 RUN mkdir -p /usr/share/wazuh-dashboard/plugins/wazuh/public/assets/custom
 RUN chown 1000:1000 /usr/share/wazuh-dashboard/plugins/wazuh/public/assets/custom
 # Set workdir and user
 WORKDIR $INSTALL_DIR
 USER wazuh-dashboard
--- a/build-docker-images/wazuh-dashboard/config/check_repository.sh
+++ b/build-docker-images/wazuh-dashboard/config/check_repository.sh
@@ -0,0 +1,15 @@
 ## variables
 APT_KEY=https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH
 GPG_SIGN="gpgcheck=1\ngpgkey=${APT_KEY}]"
 REPOSITORY="[wazuh]\n${GPG_SIGN}\nenabled=1\nname=EL-\$releasever - Wazuh\nbaseurl=https://packages-dev.wazuh.com/pre-release/yum/\nprotect=1"
 WAZUH_TAG=$(curl --silent https://api.github.com/repos/wazuh/wazuh/git/refs/tags | grep '["]ref["]:' | sed -E 's/.*\"([^\"]+)\".*/\1/'  | cut -c 11- | grep ^v${WAZUH_VERSION}$)
 ## check tag to use the correct repository
 if [[ -n "${WAZUH_TAG}" ]]; then
  APT_KEY=https://packages.wazuh.com/key/GPG-KEY-WAZUH
  GPG_SIGN="gpgcheck=1\ngpgkey=${APT_KEY}]"
  REPOSITORY="[wazuh]\n${GPG_SIGN}\nenabled=1\nname=EL-\$releasever - Wazuh\nbaseurl=https://packages.wazuh.com/4.x/yum/\nprotect=1"
 fi
 rpm --import "${APT_KEY}"
 echo -e "${REPOSITORY}" | tee /etc/yum.repos.d/wazuh.repo
--- a/build-docker-images/wazuh-dashboard/config/config.sh
+++ b/build-docker-images/wazuh-dashboard/config/config.sh
@@ -9,8 +9,8 @@ export CONFIG_DIR=${INSTALLATION_DIR}/config
 ## Variables
 CERT_TOOL=wazuh-certs-tool.sh
-PACKAGES_URL=https://packages.wazuh.com/4.3/
+PACKAGES_URL=https://packages.wazuh.com/4.10/
-PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.3/
+PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.10/
 ## Check if the cert tool exists in S3 buckets
 CERT_TOOL_PACKAGES=$(curl --silent -I $PACKAGES_URL$CERT_TOOL | grep -E "^HTTP" | awk  '{print $2}')
--- a/build-docker-images/wazuh-dashboard/config/entrypoint.sh
+++ b/build-docker-images/wazuh-dashboard/config/entrypoint.sh
@@ -7,7 +7,7 @@ DASHBOARD_PASSWORD="${DASHBOARD_PASSWORD:-kibanaserver}"
 # Create and configure Wazuh dashboard keystore
-$INSTALL_DIR/bin/opensearch-dashboards-keystore create --allow-root && \
+yes | $INSTALL_DIR/bin/opensearch-dashboards-keystore create --allow-root && \
 echo $DASHBOARD_USERNAME | $INSTALL_DIR/bin/opensearch-dashboards-keystore add opensearch.username --stdin --allow-root && \
 echo $DASHBOARD_PASSWORD | $INSTALL_DIR/bin/opensearch-dashboards-keystore add opensearch.password --stdin --allow-root
@@ -15,6 +15,6 @@ echo $DASHBOARD_PASSWORD | $INSTALL_DIR/bin/opensearch-dashboards-keystore add o
 # Start Wazuh dashboard
 ##############################################################################
-/wazuh_app_config.sh
+/wazuh_app_config.sh $WAZUH_UI_REVISION
 /usr/share/wazuh-dashboard/bin/opensearch-dashboards -c /usr/share/wazuh-dashboard/config/opensearch_dashboards.yml
--- a/build-docker-images/wazuh-dashboard/config/opensearch_dashboards.yml
+++ b/build-docker-images/wazuh-dashboard/config/opensearch_dashboards.yml
@@ -1,13 +0,0 @@
 server.host: 0.0.0.0
 server.port: 5601
 opensearch.hosts: https://wazuh.indexer:9200
 opensearch.ssl.verificationMode: none
 opensearch.requestHeadersWhitelist: [ authorization,securitytenant ]
 opensearch_security.multitenancy.enabled: false
 opensearch_security.readonly_mode.roles: ["kibana_read_only"]
 server.ssl.enabled: true
 server.ssl.key: "/usr/share/wazuh-dashboard/config/certs/dashboard-key.pem"
 server.ssl.certificate: "/usr/share/wazuh-dashboard/config/certs/dashboard.pem"
 opensearch.ssl.certificateAuthorities: ["/usr/share/wazuh-dashboard/config/certs/root-ca.pem"]
 uiSettings.overrides.defaultRoute: /app/wazuh
--- a/build-docker-images/wazuh-dashboard/config/wazuh.yml
+++ b/build-docker-images/wazuh-dashboard/config/wazuh.yml
@@ -16,7 +16,7 @@
 # https://documentation.wazuh.com/current/installation-guide/index.html
 #
 # Also, you can check our repository:
-# https://github.com/wazuh/wazuh-kibana-app
+# https://github.com/wazuh/wazuh-dashboard-plugins
 #
 # ------------------------------- Index patterns -------------------------------
 #
--- a/build-docker-images/wazuh-dashboard/config/wazuh_app_config.sh
+++ b/build-docker-images/wazuh-dashboard/config/wazuh_app_config.sh
@@ -15,19 +15,6 @@ declare -A CONFIG_MAP=(
  [checks.template]=$CHECKS_TEMPLATE
  [checks.api]=$CHECKS_API
  [checks.setup]=$CHECKS_SETUP
  [extensions.pci]=$EXTENSIONS_PCI
  [extensions.gdpr]=$EXTENSIONS_GDPR
  [extensions.hipaa]=$EXTENSIONS_HIPAA
  [extensions.nist]=$EXTENSIONS_NIST
  [extensions.tsc]=$EXTENSIONS_TSC
  [extensions.audit]=$EXTENSIONS_AUDIT
  [extensions.oscap]=$EXTENSIONS_OSCAP
  [extensions.ciscat]=$EXTENSIONS_CISCAT
  [extensions.aws]=$EXTENSIONS_AWS
  [extensions.gcp]=$EXTENSIONS_GCP
  [extensions.virustotal]=$EXTENSIONS_VIRUSTOTAL
  [extensions.osquery]=$EXTENSIONS_OSQUERY
  [extensions.docker]=$EXTENSIONS_DOCKER
  [timeout]=$APP_TIMEOUT
  [api.selector]=$API_SELECTOR
  [ip.selector]=$IP_SELECTOR
--- a/build-docker-images/wazuh-indexer/Dockerfile
+++ b/build-docker-images/wazuh-indexer/Dockerfile
@@ -1,7 +1,17 @@
 # Wazuh Docker Copyright (C) 2017, Wazuh Inc. (License GPLv2)
-FROM ubuntu:focal AS builder
+FROM amazonlinux:2023 AS builder
-RUN apt-get update -y && apt-get install curl openssl xz-utils -y
+ARG WAZUH_VERSION
 ARG WAZUH_TAG_REVISION
 RUN yum install curl-minimal openssl xz tar findutils shadow-utils -y
 COPY config/check_repository.sh /
 RUN chmod 775 /check_repository.sh && \
    source /check_repository.sh
 RUN yum install wazuh-indexer-${WAZUH_VERSION}-${WAZUH_TAG_REVISION} -y && \
    yum clean all
 COPY config/opensearch.yml /
@@ -9,6 +19,8 @@ COPY config/config.sh .
 COPY config/config.yml /
 COPY config/action_groups.yml /
 COPY config/internal_users.yml /
 COPY config/roles_mapping.yml /
@@ -22,14 +34,17 @@ RUN bash config.sh
 #
 # Copy wazuh-indexer from stage 0
 # Add entrypoint
 ################################################################################
-FROM ubuntu:focal
+FROM amazonlinux:2023
 ENV USER="wazuh-indexer" \
    GROUP="wazuh-indexer" \
    NAME="wazuh-indexer" \
    INSTALL_DIR="/usr/share/wazuh-indexer"
 RUN yum install curl-minimal shadow-utils findutils hostname -y
 RUN getent group $GROUP || groupadd -r -g 1000 $GROUP
 RUN useradd --system \
@@ -51,19 +66,21 @@ RUN chmod 700 /entrypoint.sh && chmod 700 /securityadmin.sh
 RUN chown 1000:1000 /*.sh
-COPY --from=builder --chown=1000:1000 /debian/wazuh-indexer/usr/share/wazuh-indexer /usr/share/wazuh-indexer
+COPY --from=builder --chown=1000:1000 /usr/share/wazuh-indexer /usr/share/wazuh-indexer
 COPY --from=builder --chown=1000:1000 /etc/wazuh-indexer /usr/share/wazuh-indexer
 COPY --from=builder --chown=0:0 /debian/wazuh-indexer/usr/lib/systemd /usr/lib/systemd
 COPY --from=builder --chown=0:0 /debian/wazuh-indexer/usr/lib/sysctl.d /usr/lib/sysctl.d
 COPY --from=builder --chown=0:0 /debian/wazuh-indexer/usr/lib/tmpfiles.d /usr/lib/tmpfiles.d
 RUN chown -R 1000:1000 /usr/share/wazuh-indexer
 RUN mkdir -p /var/lib/wazuh-indexer && chown 1000:1000 /var/lib/wazuh-indexer && \
    mkdir -p /usr/share/wazuh-indexer/logs && chown 1000:1000 /usr/share/wazuh-indexer/logs && \
    mkdir -p /run/wazuh-indexer && chown 1000:1000 /run/wazuh-indexer && \
    mkdir -p /var/log/wazuh-indexer && chown 1000:1000 /var/log/wazuh-indexer && \
-    chmod 700 /usr/share/wazuh-indexer/config && \
+    chmod 700 /usr/share/wazuh-indexer && \
-    chmod 600 /usr/share/wazuh-indexer/config/jvm.options && \
+    chmod 600 /usr/share/wazuh-indexer/jvm.options && \
-    chmod 600 /usr/share/wazuh-indexer/config/opensearch.yml
+    chmod 600 /usr/share/wazuh-indexer/opensearch.yml
 USER wazuh-indexer
--- a/build-docker-images/wazuh-indexer/config/action_groups.yml
+++ b/build-docker-images/wazuh-indexer/config/action_groups.yml
@@ -0,0 +1,12 @@
 ---
 _meta:
  type: "actiongroups"
  config_version: 2
 # ISM API permissions group
 manage_ism:
  reserved: true
  hidden: false
  allowed_actions:
  - "cluster:admin/opendistro/ism/*"
  static: false
--- a/build-docker-images/wazuh-indexer/config/check_repository.sh
+++ b/build-docker-images/wazuh-indexer/config/check_repository.sh
@@ -0,0 +1,15 @@
 ## variables
 APT_KEY=https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH
 GPG_SIGN="gpgcheck=1\ngpgkey=${APT_KEY}]"
 REPOSITORY="[wazuh]\n${GPG_SIGN}\nenabled=1\nname=EL-\$releasever - Wazuh\nbaseurl=https://packages-dev.wazuh.com/pre-release/yum/\nprotect=1"
 WAZUH_TAG=$(curl --silent https://api.github.com/repos/wazuh/wazuh/git/refs/tags | grep '["]ref["]:' | sed -E 's/.*\"([^\"]+)\".*/\1/'  | cut -c 11- | grep ^v${WAZUH_VERSION}$)
 ## check tag to use the correct repository
 if [[ -n "${WAZUH_TAG}" ]]; then
  APT_KEY=https://packages.wazuh.com/key/GPG-KEY-WAZUH
  GPG_SIGN="gpgcheck=1\ngpgkey=${APT_KEY}]"
  REPOSITORY="[wazuh]\n${GPG_SIGN}\nenabled=1\nname=EL-\$releasever - Wazuh\nbaseurl=https://packages.wazuh.com/4.x/yum/\nprotect=1"
 fi
 rpm --import "${APT_KEY}"
 echo -e "${REPOSITORY}" | tee /etc/yum.repos.d/wazuh.repo
--- a/build-docker-images/wazuh-indexer/config/config.sh
+++ b/build-docker-images/wazuh-indexer/config/config.sh
@@ -8,30 +8,22 @@ export TARGET_DIR=${CURDIR}/debian/${NAME}
 # Package build options
 export USER=${NAME}
 export GROUP=${NAME}
-export VERSION=4.3.4
+export VERSION=${WAZUH_VERSION}-${WAZUH_TAG_REVISION}
 export LOG_DIR=/var/log/${NAME}
 export LIB_DIR=/var/lib/${NAME}
 export PID_DIR=/run/${NAME}
 export INSTALLATION_DIR=/usr/share/${NAME}
-export CONFIG_DIR=${INSTALLATION_DIR}/config
+export CONFIG_DIR=${INSTALLATION_DIR}
 export BASE_DIR=${NAME}-*
 export INDEXER_FILE=wazuh-indexer-base.tar.xz
 export BASE_FILE=wazuh-indexer-base-${VERSION}-linux-x64.tar.xz
 export REPO_DIR=/unattended_installer
 rm -rf ${INSTALLATION_DIR}/
 curl -o ${INDEXER_FILE} https://packages.wazuh.com/stack/indexer/base/${BASE_FILE}
 tar -xf ${INDEXER_FILE}
 ## TOOLS
 ## Variables
 CERT_TOOL=wazuh-certs-tool.sh
 PASSWORD_TOOL=wazuh-passwords-tool.sh
-PACKAGES_URL=https://packages.wazuh.com/4.3/
+PACKAGES_URL=https://packages.wazuh.com/4.10/
-PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.3/
+PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.10/
 ## Check if the cert tool exists in S3 buckets
 CERT_TOOL_PACKAGES=$(curl --silent -I $PACKAGES_URL$CERT_TOOL | grep -E "^HTTP" | awk  '{print $2}')
@@ -70,6 +62,7 @@ chmod 755 $CERT_TOOL && bash /$CERT_TOOL -A
 # copy to target
 mkdir -p ${TARGET_DIR}${INSTALLATION_DIR}
 mkdir -p ${TARGET_DIR}${INSTALLATION_DIR}/opensearch-security/
 mkdir -p ${TARGET_DIR}${CONFIG_DIR}
 mkdir -p ${TARGET_DIR}${LIB_DIR}
 mkdir -p ${TARGET_DIR}${LOG_DIR}
@@ -79,24 +72,11 @@ mkdir -p ${TARGET_DIR}/usr/lib/tmpfiles.d
 mkdir -p ${TARGET_DIR}/usr/lib/sysctl.d
 mkdir -p ${TARGET_DIR}/usr/lib/systemd/system
 mkdir -p ${TARGET_DIR}${CONFIG_DIR}/certs
 # Move configuration files for wazuh-indexer
 mv -f ${BASE_DIR}/etc/init.d/${NAME} ${TARGET_DIR}/etc/init.d/${NAME}
 mv -f ${BASE_DIR}/etc/wazuh-indexer/* ${TARGET_DIR}${CONFIG_DIR}
 mv -f ${BASE_DIR}/etc/sysconfig/${NAME} ${TARGET_DIR}/etc/default/
 mv -f ${BASE_DIR}/usr/lib/tmpfiles.d/* ${TARGET_DIR}/usr/lib/tmpfiles.d/
 mv -f ${BASE_DIR}/usr/lib/sysctl.d/* ${TARGET_DIR}/usr/lib/sysctl.d/
 mv -f ${BASE_DIR}/usr/lib/systemd/system/* ${TARGET_DIR}/usr/lib/systemd/system/
 rm -rf ${BASE_DIR}/etc
 rm -rf ${BASE_DIR}/usr
 # Copy installation files to final location
 cp -pr ${BASE_DIR}/* ${TARGET_DIR}${INSTALLATION_DIR}
 # Copy the security tools
 cp /$CERT_TOOL ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/tools/
 cp /$PASSWORD_TOOL ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/tools/
 # Copy Wazuh's config files for the security plugin
-cp -pr /roles_mapping.yml ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/securityconfig/
+cp -pr /roles_mapping.yml ${TARGET_DIR}${INSTALLATION_DIR}/opensearch-security/
-cp -pr /roles.yml ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/securityconfig/
+cp -pr /roles.yml ${TARGET_DIR}${INSTALLATION_DIR}/opensearch-security/
-cp -pr /internal_users.yml ${TARGET_DIR}${INSTALLATION_DIR}/plugins/opensearch-security/securityconfig/
+cp -pr /action_groups.yml ${TARGET_DIR}${INSTALLATION_DIR}/opensearch-security/
 cp -pr /internal_users.yml ${TARGET_DIR}${INSTALLATION_DIR}/opensearch-security/
 cp -pr /opensearch.yml ${TARGET_DIR}${CONFIG_DIR}
 # Copy Wazuh indexer's certificates
 cp -pr /wazuh-certificates/demo.indexer.pem ${TARGET_DIR}${CONFIG_DIR}/certs/indexer.pem
@@ -106,5 +86,17 @@ cp -pr /wazuh-certificates/root-ca.pem ${TARGET_DIR}${CONFIG_DIR}/certs/root-ca.
 cp -pr /wazuh-certificates/admin.pem ${TARGET_DIR}${CONFIG_DIR}/certs/admin.pem
 cp -pr /wazuh-certificates/admin-key.pem ${TARGET_DIR}${CONFIG_DIR}/certs/admin-key.pem
 # Delete xms and xmx parameters in jvm.options
 sed '/-Xms/d' -i /etc/wazuh-indexer/jvm.options
 sed '/-Xmx/d' -i /etc/wazuh-indexer/jvm.options
 sed -i 's/-Djava.security.policy=file:\/\/\/etc\/wazuh-indexer\/opensearch-performance-analyzer\/opensearch_security.policy/-Djava.security.policy=file:\/\/\/usr\/share\/wazuh-indexer\/opensearch-performance-analyzer\/opensearch_security.policy/g' /etc/wazuh-indexer/jvm.options
 chmod -R 500 ${TARGET_DIR}${CONFIG_DIR}/certs
-chmod -R 400 ${TARGET_DIR}${CONFIG_DIR}/certs/*
+chmod -R 400 ${TARGET_DIR}${CONFIG_DIR}/certs/*
 find ${TARGET_DIR} -type d -exec chmod 750 {} \;
 find ${TARGET_DIR} -type f -perm 644 -exec chmod 640 {} \;
 find ${TARGET_DIR} -type f -perm 664 -exec chmod 660 {} \;
 find ${TARGET_DIR} -type f -perm 755 -exec chmod 750 {} \;
 find ${TARGET_DIR} -type f -perm 744 -exec chmod 740 {} \;
--- a/build-docker-images/wazuh-indexer/config/entrypoint.sh
+++ b/build-docker-images/wazuh-indexer/config/entrypoint.sh
@@ -6,7 +6,7 @@ umask 0002
 export USER=wazuh-indexer
 export INSTALLATION_DIR=/usr/share/wazuh-indexer
-export OPENSEARCH_PATH_CONF=${INSTALLATION_DIR}/config
+export OPENSEARCH_PATH_CONF=${INSTALLATION_DIR}
 export JAVA_HOME=${INSTALLATION_DIR}/jdk
 export DISCOVERY=$(grep -oP "(?<=discovery.type: ).*" ${OPENSEARCH_PATH_CONF}/opensearch.yml)
 export CACERT=$(grep -oP "(?<=plugins.security.ssl.transport.pemtrustedcas_filepath: ).*" ${OPENSEARCH_PATH_CONF}/opensearch.yml)
@@ -59,7 +59,7 @@ if [[ -f bin/opensearch-users ]]; then
  # enabled, but we have no way of knowing which node we are yet. We'll just
  # honor the variable if it's present.
  if [[ -n "$INDEXER_PASSWORD" ]]; then
-    [[ -f /usr/share/wazuh-indexer/config/opensearch.keystore ]] || (run_as_other_user_if_needed opensearch-keystore create)
+    [[ -f /usr/share/wazuh-indexer/opensearch.keystore ]] || (run_as_other_user_if_needed opensearch-keystore create)
    if ! (run_as_other_user_if_needed opensearch-keystore has-passwd --silent) ; then
      # keystore is unencrypted
      if ! (run_as_other_user_if_needed opensearch-keystore list | grep -q '^bootstrap.password$'); then
@@ -84,10 +84,10 @@ if [[ "$(id -u)" == "0" ]]; then
 fi
-if [[ "$DISCOVERY" == "single-node" ]] && [[ ! -f "/var/lib/wazuh-indexer/.flag" ]]; then
+#if [[ "$DISCOVERY" == "single-node" ]] && [[ ! -f "/var/lib/wazuh-indexer/.flag" ]]; then
  # run securityadmin.sh for single node with CACERT, CERT and KEY parameter
-  nohup /securityadmin.sh &
+#  nohup /securityadmin.sh &
-  touch "/var/lib/wazuh-indexer/.flag"
+#  touch "/var/lib/wazuh-indexer/.flag"
-fi
+#fi
 run_as_other_user_if_needed /usr/share/wazuh-indexer/bin/opensearch <<<"$KEYSTORE_PASSWORD"
--- a/build-docker-images/wazuh-indexer/config/opensearch.yml
+++ b/build-docker-images/wazuh-indexer/config/opensearch.yml
@@ -4,12 +4,12 @@ path.data: /var/lib/wazuh-indexer
 path.logs: /var/log/wazuh-indexer
 discovery.type: single-node
 compatibility.override_main_response_version: true
-plugins.security.ssl.http.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/certs/indexer.pem
+plugins.security.ssl.http.pemcert_filepath: /usr/share/wazuh-indexer/certs/indexer.pem
-plugins.security.ssl.http.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/certs/indexer-key.pem
+plugins.security.ssl.http.pemkey_filepath: /usr/share/wazuh-indexer/certs/indexer-key.pem
-plugins.security.ssl.http.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/certs/root-ca.pem
+plugins.security.ssl.http.pemtrustedcas_filepath: /usr/share/wazuh-indexer/certs/root-ca.pem
-plugins.security.ssl.transport.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/certs/indexer.pem
+plugins.security.ssl.transport.pemcert_filepath: /usr/share/wazuh-indexer/certs/indexer.pem
-plugins.security.ssl.transport.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/certs/indexer-key.pem
+plugins.security.ssl.transport.pemkey_filepath: /usr/share/wazuh-indexer/certs/indexer-key.pem
-plugins.security.ssl.transport.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/certs/root-ca.pem
+plugins.security.ssl.transport.pemtrustedcas_filepath: /usr/share/wazuh-indexer/certs/root-ca.pem
 plugins.security.ssl.http.enabled: true
 plugins.security.ssl.transport.enforce_hostname_verification: false
 plugins.security.ssl.transport.resolve_hostname: false
--- a/build-docker-images/wazuh-indexer/config/roles.yml
+++ b/build-docker-images/wazuh-indexer/config/roles.yml
@@ -142,7 +142,7 @@ wazuh_ui_user:
    allowed_actions:
    - "read"
  tenant_permissions: []
-  static: false        
+  static: false
 wazuh_ui_admin:
  reserved: true
@@ -160,4 +160,12 @@ wazuh_ui_admin:
    - "manage"
    - "index"
  tenant_permissions: []
-  static: false  
+  static: false
 # ISM API permissions role
 manage_ism:
  reserved: true
  hidden: false
  cluster_permissions:
  - "manage_ism"
  static: false
--- a/build-docker-images/wazuh-indexer/config/roles_mapping.yml
+++ b/build-docker-images/wazuh-indexer/config/roles_mapping.yml
@@ -33,7 +33,7 @@ kibana_user:
  - "kibanauser"
  users:
  - "wazuh_user"
-  - "wazuh_admin"    
+  - "wazuh_admin"
  description: "Maps kibanauser to kibana_user"
 readall:
@@ -68,4 +68,11 @@ wazuh_ui_user:
  hosts: []
  users:
  - "wazuh_user"
-  and_backend_roles: []
+  and_backend_roles: []
 # ISM API permissions role mapping
 manage_ism:
  reserved: true
  hidden: false
  users:
  - "kibanaserver"
--- a/build-docker-images/wazuh-indexer/config/securityadmin.sh
+++ b/build-docker-images/wazuh-indexer/config/securityadmin.sh
@@ -1,3 +1,3 @@
 # Wazuh Docker Copyright (C) 2017, Wazuh Inc. (License GPLv2)
 sleep 30
-bash /usr/share/wazuh-indexer/plugins/opensearch-security/tools/securityadmin.sh -cd /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/ -nhnv -cacert  $CACERT -cert $CERT -key $KEY -p 9300 -icl
+bash /usr/share/wazuh-indexer/plugins/opensearch-security/tools/securityadmin.sh -cd /usr/share/wazuh-indexer/opensearch-security/ -nhnv -cacert  $CACERT -cert $CERT -key $KEY -p 9200 -icl
--- a/build-docker-images/wazuh-manager/Dockerfile
+++ b/build-docker-images/wazuh-manager/Dockerfile
@@ -1,27 +1,32 @@
 # Wazuh Docker Copyright (C) 2017, Wazuh Inc. (License GPLv2)
-FROM ubuntu:focal
+FROM amazonlinux:2023
-ARG WAZUH_VERSION=4.3.4
+RUN rm /bin/sh && ln -s /bin/bash /bin/sh
-ARG TEMPLATE_VERSION=4.3
+
 ARG WAZUH_VERSION
 ARG WAZUH_TAG_REVISION
 ARG FILEBEAT_TEMPLATE_BRANCH
 ARG FILEBEAT_CHANNEL=filebeat-oss
 ARG FILEBEAT_VERSION=7.10.2
-ARG WAZUH_FILEBEAT_MODULE="wazuh-filebeat-0.2.tar.gz"
+ARG WAZUH_FILEBEAT_MODULE
 RUN apt-get update && apt install curl apt-transport-https lsb-release gnupg -y
 RUN apt-key adv --fetch-keys https://packages.wazuh.com/key/GPG-KEY-WAZUH && \
    echo "deb https://packages.wazuh.com/4.x/apt/ stable main" | tee -a /etc/apt/sources.list.d/wazuh.list && \
    apt-get update && \
    apt-get install wazuh-manager=${WAZUH_VERSION}-1
 RUN curl -L -O https://artifacts.elastic.co/downloads/beats/filebeat/${FILEBEAT_CHANNEL}-${FILEBEAT_VERSION}-amd64.deb &&\
    dpkg -i ${FILEBEAT_CHANNEL}-${FILEBEAT_VERSION}-amd64.deb && rm -f ${FILEBEAT_CHANNEL}-${FILEBEAT_VERSION}-amd64.deb && \
    curl -s https://packages.wazuh.com/4.x/filebeat/${WAZUH_FILEBEAT_MODULE} | tar -xvz -C /usr/share/filebeat/module
 RUN curl -L https://github.com/aelsabbahy/goss/releases/latest/download/goss-linux-amd64 -o /usr/local/bin/goss && chmod +rx /usr/local/bin/goss
 ARG S6_VERSION="v2.2.0.3"
-RUN curl --fail --silent -L https://github.com/just-containers/s6-overlay/releases/download/${S6_VERSION}/s6-overlay-amd64.tar.gz \
+
 RUN yum install curl-minimal xz gnupg tar gzip openssl findutils procps -y &&\
    yum clean all
 COPY config/check_repository.sh /
 COPY config/filebeat_module.sh /
 COPY config/permanent_data.env config/permanent_data.sh /
 RUN chmod 775 /check_repository.sh
 RUN source /check_repository.sh
 RUN yum install wazuh-manager-${WAZUH_VERSION}-${WAZUH_TAG_REVISION} -y && \
    yum clean all && \
    chmod 775 /filebeat_module.sh && \
    source /filebeat_module.sh && \
    rm /filebeat_module.sh && \
    curl --fail --silent -L https://github.com/just-containers/s6-overlay/releases/download/${S6_VERSION}/s6-overlay-amd64.tar.gz \
    -o /tmp/s6-overlay-amd64.tar.gz && \
    tar xzf /tmp/s6-overlay-amd64.tar.gz -C / --exclude="./bin" && \
    tar xzf /tmp/s6-overlay-amd64.tar.gz -C /usr ./bin && \
@@ -34,18 +39,30 @@ COPY config/filebeat.yml /etc/filebeat/
 RUN chmod go-w /etc/filebeat/filebeat.yml
-ADD https://raw.githubusercontent.com/wazuh/wazuh/$TEMPLATE_VERSION/extensions/elasticsearch/7.x/wazuh-template.json /etc/filebeat
+ADD https://raw.githubusercontent.com/wazuh/wazuh/$FILEBEAT_TEMPLATE_BRANCH/extensions/elasticsearch/7.x/wazuh-template.json /etc/filebeat
 RUN chmod go-w /etc/filebeat/wazuh-template.json
 # Prepare permanent data
 # Sync calls are due to https://github.com/docker/docker/issues/9547
-COPY config/permanent_data.env config/permanent_data.sh /
+#Make mount directories for keep permissions
-RUN chmod 755 /permanent_data.sh && \
+
 RUN mkdir -p /var/ossec/var/multigroups && \
    chown root:wazuh /var/ossec/var/multigroups && \
    chmod 770 /var/ossec/var/multigroups && \
    mkdir -p /var/ossec/agentless && \
    chown root:wazuh /var/ossec/agentless && \
    chmod 770 /var/ossec/agentless && \
    mkdir -p /var/ossec/active-response/bin && \
    chown root:wazuh /var/ossec/active-response/bin && \
    chmod 770 /var/ossec/active-response/bin && \
    chmod 755 /permanent_data.sh && \
    sync && /permanent_data.sh && \
    sync && rm /permanent_data.sh
 RUN rm /etc/yum.repos.d/wazuh.repo
 # Services ports
 EXPOSE 55000/tcp 1514/tcp 1515/tcp 514/udp 1516/tcp
-ENTRYPOINT [ "/init" ]
+ENTRYPOINT [ "/init" ]
--- a/build-docker-images/wazuh-manager/config/check_repository.sh
+++ b/build-docker-images/wazuh-manager/config/check_repository.sh
@@ -0,0 +1,15 @@
 ## variables
 APT_KEY=https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH
 GPG_SIGN="gpgcheck=1\ngpgkey=${APT_KEY}]"
 REPOSITORY="[wazuh]\n${GPG_SIGN}\nenabled=1\nname=EL-\$releasever - Wazuh\nbaseurl=https://packages-dev.wazuh.com/pre-release/yum/\nprotect=1"
 WAZUH_TAG=$(curl --silent https://api.github.com/repos/wazuh/wazuh/git/refs/tags | grep '["]ref["]:' | sed -E 's/.*\"([^\"]+)\".*/\1/'  | cut -c 11- | grep ^v${WAZUH_VERSION}$)
 ## check tag to use the correct repository
 if [[ -n "${WAZUH_TAG}" ]]; then
  APT_KEY=https://packages.wazuh.com/key/GPG-KEY-WAZUH
  GPG_SIGN="gpgcheck=1\ngpgkey=${APT_KEY}]"
  REPOSITORY="[wazuh]\n${GPG_SIGN}\nenabled=1\nname=EL-\$releasever - Wazuh\nbaseurl=https://packages.wazuh.com/4.x/yum/\nprotect=1"
 fi
 rpm --import "${APT_KEY}"
 echo -e "${REPOSITORY}" | tee /etc/yum.repos.d/wazuh.repo
--- a/build-docker-images/wazuh-manager/config/create_user.py
+++ b/build-docker-images/wazuh-manager/config/create_user.py
@@ -13,7 +13,7 @@ SPECIAL_CHARS = "@$!%*?&-_"
 try:
-    from wazuh.rbac.orm import create_rbac_db
+    from wazuh.rbac.orm import check_database_integrity
    from wazuh.security import (
        create_user,
        get_users,
@@ -21,7 +21,7 @@ try:
        set_user_role,
        update_user,
    )
-except Exception as e:
+except ModuleNotFoundError as e:
    logging.error("No module 'wazuh' found.")
    sys.exit(1)
@@ -69,7 +69,7 @@ if __name__ == "__main__":
    username, password = read_user_file()
    # create RBAC database
-    create_rbac_db()
+    check_database_integrity()
    initial_users = db_users()
    if username not in initial_users:
--- a/build-docker-images/wazuh-manager/config/etc/cont-init.d/0-wazuh-init
+++ b/build-docker-images/wazuh-manager/config/etc/cont-init.d/0-wazuh-init
@@ -51,7 +51,7 @@ mount_permanent_data() {
        print "Installing ${permanent_dir}"
        exec_cmd "cp -a ${data_tmp}. ${permanent_dir}"
      else
-        print "The path ${permanent_dir} is empty, skiped"
+        print "The path ${permanent_dir} is empty, skipped"
      fi
    fi
  done
@@ -179,6 +179,16 @@ set_rids_owner() {
  chown -R wazuh:wazuh /var/ossec/queue/rids
 }
 ##############################################################################
 # Change any ossec user/group to wazuh user/group 
 ##############################################################################
 set_correct_permOwner() {
  find / -group 997 -exec chown :999 {} +;
  find / -group 101 -exec chown :999 {} +;
  find / -user 101 -exec chown 999 {} +;
 }
 ##############################################################################
 # Main function
 ##############################################################################
@@ -190,6 +200,9 @@ main() {
  # Restore files stored in permanent data that are not permanent  (i.e. internal_options.conf)
  apply_exclusion_data
  # Apply correct permission and ownership
  set_correct_permOwner
  # Rename files stored in permanent data (i.e. queue/ossec)
  move_data_files
--- a/build-docker-images/wazuh-manager/config/etc/cont-init.d/1-config-filebeat
+++ b/build-docker-images/wazuh-manager/config/etc/cont-init.d/1-config-filebeat
@@ -4,7 +4,7 @@
 set -e
 if [ "$INDEXER_URL" != "" ]; then
-  >&2 echo "Customize Elasticsearch ouput IP"
+  >&2 echo "Customize Elasticsearch output IP"
  sed -i "s|hosts:.*|hosts: ['$INDEXER_URL']|g" /etc/filebeat/filebeat.yml
 fi
@@ -12,32 +12,38 @@ fi
 if [ "$INDEXER_USERNAME" != "" ]; then
  >&2 echo "Configuring username."
-  sed -i "s|#username:.*|username: '$INDEXER_USERNAME'|g" /etc/filebeat/filebeat.yml
+  sed -i "s|#username:.*|username:|g" /etc/filebeat/filebeat.yml
  sed -i "s|username:.*|username: '$INDEXER_USERNAME'|g" /etc/filebeat/filebeat.yml
 fi
 if [ "$INDEXER_PASSWORD" != "" ]; then
  >&2 echo "Configuring password."
-  sed -i "s|#password:.*|password: '$INDEXER_PASSWORD'|g" /etc/filebeat/filebeat.yml
+  sed -i "s|#password:.*|password:|g" /etc/filebeat/filebeat.yml
  sed -i "s|password:.*|password: '$INDEXER_PASSWORD'|g" /etc/filebeat/filebeat.yml
 fi
 if [ "$FILEBEAT_SSL_VERIFICATION_MODE" != "" ]; then
  >&2 echo "Configuring SSL verification mode."
-  sed -i "s|#ssl.verification_mode:.*|ssl.verification_mode: $FILEBEAT_SSL_VERIFICATION_MODE|g" /etc/filebeat/filebeat.yml
+  sed -i "s|#ssl.verification_mode:.*|ssl.verification_mode:|g" /etc/filebeat/filebeat.yml
  sed -i "s|ssl.verification_mode:.*|ssl.verification_mode: '$FILEBEAT_SSL_VERIFICATION_MODE'|g" /etc/filebeat/filebeat.yml
 fi
 if [ "$SSL_CERTIFICATE_AUTHORITIES" != "" ]; then
  >&2 echo "Configuring Certificate Authorities."
-  sed -i "s|#ssl.certificate_authorities:.*|ssl.certificate_authorities: ['$SSL_CERTIFICATE_AUTHORITIES']|g" /etc/filebeat/filebeat.yml
+  sed -i "s|#ssl.certificate_authorities:.*|ssl.certificate_authorities:|g" /etc/filebeat/filebeat.yml
  sed -i "s|ssl.certificate_authorities:.*|ssl.certificate_authorities: ['$SSL_CERTIFICATE_AUTHORITIES']|g" /etc/filebeat/filebeat.yml
 fi
 if [ "$SSL_CERTIFICATE" != "" ]; then
  >&2 echo "Configuring SSL Certificate."
-  sed -i "s|#ssl.certificate:.*|ssl.certificate: '$SSL_CERTIFICATE'|g" /etc/filebeat/filebeat.yml
+  sed -i "s|#ssl.certificate:.*|ssl.certificate:|g" /etc/filebeat/filebeat.yml
  sed -i "s|ssl.certificate:.*|ssl.certificate: '$SSL_CERTIFICATE'|g" /etc/filebeat/filebeat.yml
 fi
 if [ "$SSL_KEY" != "" ]; then
  >&2 echo "Configuring SSL Key."
-  sed -i "s|#ssl.key:.*|ssl.key: '$SSL_KEY'|g" /etc/filebeat/filebeat.yml
+  sed -i "s|#ssl.key:.*|ssl.key:|g" /etc/filebeat/filebeat.yml
  sed -i "s|ssl.key:.*|ssl.key: '$SSL_KEY'|g" /etc/filebeat/filebeat.yml
 fi
--- a/build-docker-images/wazuh-manager/config/etc/cont-init.d/2-manager
+++ b/build-docker-images/wazuh-manager/config/etc/cont-init.d/2-manager
@@ -112,6 +112,13 @@ function_entrypoint_scripts() {
  fi
 }
 function_configure_vulnerability_detection() {
 if [ "$INDEXER_PASSWORD" != "" ]; then
  >&2 echo "Configuring password."
  /var/ossec/bin/wazuh-keystore -f indexer -k username -v $INDEXER_USERNAME
  /var/ossec/bin/wazuh-keystore -f indexer -k password -v $INDEXER_PASSWORD
 fi
 }
 # Migrate data from /wazuh-migration volume
 function_wazuh_migration
@@ -119,6 +126,9 @@ function_wazuh_migration
 # create API custom user
 function_create_custom_user
 # configure Vulnerabilty detection
 function_configure_vulnerability_detection
 # run entrypoint scripts
 function_entrypoint_scripts
--- a/build-docker-images/wazuh-manager/config/filebeat.yml
+++ b/build-docker-images/wazuh-manager/config/filebeat.yml
@@ -8,9 +8,9 @@ filebeat.modules:
      enabled: false
 setup.template.json.enabled: true
 setup.template.overwrite: true
 setup.template.json.path: '/etc/filebeat/wazuh-template.json'
 setup.template.json.name: 'wazuh'
 setup.template.overwrite: true
 setup.ilm.enabled: false
 output.elasticsearch:
  hosts: ['https://wazuh.indexer:9200']
@@ -20,3 +20,12 @@ output.elasticsearch:
  #ssl.certificate_authorities:
  #ssl.certificate:
  #ssl.key:
 logging.metrics.enabled: false
 seccomp:
  default_action: allow
  syscalls:
  - action: allow
    names:
    - rseq
--- a/build-docker-images/wazuh-manager/config/filebeat_module.sh
+++ b/build-docker-images/wazuh-manager/config/filebeat_module.sh
@@ -0,0 +1,12 @@
 ## variables
 REPOSITORY="packages-dev.wazuh.com/pre-release"
 WAZUH_TAG=$(curl --silent https://api.github.com/repos/wazuh/wazuh/git/refs/tags | grep '["]ref["]:' | sed -E 's/.*\"([^\"]+)\".*/\1/'  | cut -c 11- | grep ^v${WAZUH_VERSION}$)
 ## check tag to use the correct repository
 if [[ -n "${WAZUH_TAG}" ]]; then
  REPOSITORY="packages.wazuh.com/4.x"
 fi
 curl -L -O https://artifacts.elastic.co/downloads/beats/filebeat/${FILEBEAT_CHANNEL}-${FILEBEAT_VERSION}-x86_64.rpm &&\
 yum install -y ${FILEBEAT_CHANNEL}-${FILEBEAT_VERSION}-x86_64.rpm && rm -f ${FILEBEAT_CHANNEL}-${FILEBEAT_VERSION}-x86_64.rpm && \
 curl -s https://${REPOSITORY}/filebeat/${WAZUH_FILEBEAT_MODULE} | tar -xvz -C /usr/share/filebeat/module
--- a/build-docker-images/wazuh-manager/config/permanent_data.env
+++ b/build-docker-images/wazuh-manager/config/permanent_data.env
@@ -16,11 +16,16 @@ export PERMANENT_DATA
 # Files mounted in a volume that should not be permanent
 i=0
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/etc/internal_options.conf"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/integrations/pagerduty"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/integrations/slack"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/integrations/slack.py"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/integrations/virustotal"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/integrations/virustotal.py"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/integrations/shuffle"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/integrations/shuffle.py"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/integrations/pagerduty"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/integrations/pagerduty.py"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/integrations/maltiverse"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/integrations/maltiverse.py"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/active-response/bin/default-firewall-drop"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/active-response/bin/disable-account"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/active-response/bin/firewalld-drop"
@@ -51,14 +56,47 @@ PERMANENT_DATA_EXCP[((i++))]="/var/ossec/agentless/ssh.exp"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/utils.py"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/aws/aws-s3"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/aws/aws-s3.py"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/aws/__init__.py"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/aws/aws_tools.py"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/aws/wazuh_integration.py"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/aws/buckets_s3/__init__.py"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/aws/buckets_s3/aws_bucket.py"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/aws/buckets_s3/cloudtrail.py"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/aws/buckets_s3/config.py"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/aws/buckets_s3/guardduty.py"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/aws/buckets_s3/load_balancers.py"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/aws/buckets_s3/server_access.py"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/aws/buckets_s3/umbrella.py"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/aws/buckets_s3/vpcflow.py"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/aws/buckets_s3/waf.py"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/aws/services/__init__.py"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/aws/services/aws_service.py"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/aws/services/cloudwatchlogs.py"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/aws/services/inspector.py"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/aws/subscribers/__init__.py"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/aws/subscribers/s3_log_handler.py"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/aws/subscribers/sqs_message_processor.py"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/aws/subscribers/sqs_queue.py"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/azure/azure-logs"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/azure/azure-logs.py"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/azure/db/orm.py"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/azure/db/utils.py"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/azure/db/__init__.py"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/azure/azure_utils.py"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/azure/azure_services/__init__.py"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/azure/azure_services/analytics.py"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/azure/azure_services/graph.py"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/azure/azure_services/storage.py"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/docker/DockerListener"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/docker/DockerListener.py"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/gcloud/gcloud"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/gcloud/gcloud.py"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/gcloud/integration.py"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/gcloud/tools.py"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/gcloud/exceptions.py"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/gcloud/buckets/bucket.py"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/gcloud/buckets/access_logs.py"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/gcloud/pubsub/subscriber.py"
 export PERMANENT_DATA_EXCP
 # Files mounted in a volume that should be deleted
--- a/indexer-certs-creator/config/entrypoint.sh
+++ b/indexer-certs-creator/config/entrypoint.sh
@@ -8,8 +8,8 @@
 ## Variables
 CERT_TOOL=wazuh-certs-tool.sh
 PASSWORD_TOOL=wazuh-passwords-tool.sh
-PACKAGES_URL=https://packages.wazuh.com/4.3/
+PACKAGES_URL=https://packages.wazuh.com/4.10/
-PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.3/
+PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.10/
 ## Check if the cert tool exists in S3 buckets
 CERT_TOOL_PACKAGES=$(curl --silent -I $PACKAGES_URL$CERT_TOOL | grep -E "^HTTP" | awk  '{print $2}')
@@ -17,13 +17,13 @@ CERT_TOOL_PACKAGES_DEV=$(curl --silent -I $PACKAGES_DEV_URL$CERT_TOOL | grep -E
 ## If cert tool exists in some bucket, download it, if not exit 1
 if [ "$CERT_TOOL_PACKAGES" = "200" ]; then
-  curl -o $CERT_TOOL $PACKAGES_URL$CERT_TOOL
+  curl -o $CERT_TOOL $PACKAGES_URL$CERT_TOOL -s
-  echo "Cert tool exists in Packages bucket"
+  echo "The tool to create the certificates exists in the in Packages bucket"
 elif [ "$CERT_TOOL_PACKAGES_DEV" = "200" ]; then
-  curl -o $CERT_TOOL $PACKAGES_DEV_URL$CERT_TOOL
+  curl -o $CERT_TOOL $PACKAGES_DEV_URL$CERT_TOOL -s
-  echo "Cert tool exists in Packages-dev bucket"
+  echo "The tool to create the certificates exists in Packages-dev bucket"
 else
-  echo "Cert tool does not exist in any bucket"
+  echo "The tool to create the certificates does not exist in any bucket"
  echo "ERROR: certificates were not created"
  exit 1
 fi
@@ -38,12 +38,12 @@ chmod 700 /$CERT_TOOL
 ## Execute cert tool and parsin cert.yml to set UID permissions
 source /$CERT_TOOL -A
-nodes_server=$( cert_parseYaml /config.yml | grep nodes_server__name | sed 's/nodes_server__name=//' )
+nodes_server=$( cert_parseYaml /config.yml | grep -E "nodes[_]+server[_]+[0-9]+=" | sed -e 's/nodes__server__[0-9]=//' | sed 's/"//g' )
 node_names=($nodes_server)
-echo "Moving created certificates to destination directory"
+echo "Moving created certificates to the destination directory"
 cp /wazuh-certificates/* /certificates/
-echo "changing certificate permissions"
+echo "Changing certificate permissions"
 chmod -R 500 /certificates
 chmod -R 400 /certificates/*
 echo "Setting UID indexer and dashboard"
@@ -51,11 +51,12 @@ chown 1000:1000 /certificates/*
 echo "Setting UID for wazuh manager and worker"
 cp /certificates/root-ca.pem /certificates/root-ca-manager.pem
 cp /certificates/root-ca.key /certificates/root-ca-manager.key
-chown 999:997 /certificates/root-ca-manager.pem
+chown 999:999 /certificates/root-ca-manager.pem
-chown 999:997 /certificates/root-ca-manager.key
+chown 999:999 /certificates/root-ca-manager.key
-for i in ${node_names[@]}; 
+for i in ${node_names[@]};
-do 
+do
-  chown 999:997 "/certificates/${i}.pem"
+  chown 999:999 "/certificates/${i}.pem"
-  chown 999:997 "/certificates/${i}-key.pem"
+  chown 999:999 "/certificates/${i}-key.pem"
 done
--- a/multi-node/Migration-to-Wazuh-4.4.md
+++ b/multi-node/Migration-to-Wazuh-4.4.md
@@ -1,6 +1,6 @@
 # Opendistro data migration to Wazuh indexer on docker.
 This procedure explains how to migrate Opendistro data from Opendistro to Wazuh indexer in docker production deployments.
-The example is migrating from v4.2 to v4.3.
+The example is migrating from v4.2 to v4.4.
 ## Procedure
 Assuming that you have a v4.2 production deployment, perform the following steps.
@@ -350,9 +350,9 @@ docker container run --rm -it \
           alpine ash -c "cd /from ; cp -avp . /to"
 ```
-**7. Start the 4.3 environment.**
+**7. Start the 4.4 environment.**
 ```
-git checkout 4.3
+git checkout 4.4
 cd multi-node
 docker-compose -f generate-indexer-certs.yml run --rm generator
 docker-compose up -d
--- a/multi-node/config/certs.yml
+++ b/multi-node/config/certs.yml
@@ -21,4 +21,4 @@ nodes:
  # Wazuh dashboard node
  dashboard:
    - name: wazuh.dashboard
-      ip: wazuh.dashboard
+      ip: wazuh.dashboard
--- a/multi-node/config/wazuh_cluster/wazuh_manager.conf
+++ b/multi-node/config/wazuh_cluster/wazuh_manager.conf
@@ -95,69 +95,27 @@
    <skip_nfs>yes</skip_nfs>
  </sca>
-  <vulnerability-detector>
+  <vulnerability-detection>
-    <enabled>no</enabled>
+    <enabled>yes</enabled>
-    <interval>5m</interval>
+    <index-status>yes</index-status>
-    <min_full_scan_interval>6h</min_full_scan_interval>
+    <feed-update-interval>60m</feed-update-interval>
-    <run_on_start>yes</run_on_start>
+  </vulnerability-detection>
-    <!-- Ubuntu OS vulnerabilities -->
+  <indexer>
-    <provider name="canonical">
+    <enabled>yes</enabled>
-      <enabled>no</enabled>
+    <hosts>
-      <os>trusty</os>
+      <host>https://wazuh1.indexer:9200</host>
-      <os>xenial</os>
+      <host>https://wazuh2.indexer:9200</host>
-      <os>bionic</os>
+      <host>https://wazuh3.indexer:9200</host>
-      <os>focal</os>
+    </hosts>
-      <update_interval>1h</update_interval>
+    <ssl>
-    </provider>
+      <certificate_authorities>
-
+        <ca>/etc/ssl/root-ca.pem</ca>
-    <!-- Debian OS vulnerabilities -->
+      </certificate_authorities>
-    <provider name="debian">
+      <certificate>/etc/ssl/filebeat.pem</certificate>
-      <enabled>no</enabled>
+      <key>/etc/ssl/filebeat.key</key>
-      <os>stretch</os>
+    </ssl>
-      <os>buster</os>
+  </indexer>
      <os>bullseye</os>
      <update_interval>1h</update_interval>
    </provider>
    <!-- RedHat OS vulnerabilities -->
    <provider name="redhat">
      <enabled>no</enabled>
      <os>5</os>
      <os>6</os>
      <os>7</os>
      <os>8</os>
      <update_interval>1h</update_interval>
    </provider>
    <!-- Amazon Linux OS vulnerabilities -->
    <provider name="alas">
      <enabled>no</enabled>
      <os>amazon-linux</os>
      <os>amazon-linux-2</os>
      <update_interval>1h</update_interval>
    </provider>
    <!-- Arch OS vulnerabilities -->
    <provider name="arch">
      <enabled>no</enabled>
      <update_interval>1h</update_interval>
    </provider>
    <!-- Windows OS vulnerabilities -->
    <provider name="msu">
      <enabled>yes</enabled>
      <update_interval>1h</update_interval>
    </provider>
    <!-- Aggregate vulnerabilities -->
    <provider name="nvd">
      <enabled>yes</enabled>
      <update_from_year>2010</update_from_year>
      <update_interval>1h</update_interval>
    </provider>
  </vulnerability-detector>
  <!-- File integrity monitoring -->
  <syscheck>
@@ -349,24 +307,4 @@
    <location>/var/ossec/logs/active-responses.log</location>
  </localfile>
-  <localfile>
+</ossec_config>
    <log_format>syslog</log_format>
    <location>/var/log/auth.log</location>
  </localfile>
  <localfile>
    <log_format>syslog</log_format>
    <location>/var/log/syslog</location>
  </localfile>
  <localfile>
    <log_format>syslog</log_format>
    <location>/var/log/dpkg.log</location>
  </localfile>
  <localfile>
    <log_format>syslog</log_format>
    <location>/var/log/kern.log</location>
  </localfile>
 </ossec_config>
--- a/multi-node/config/wazuh_cluster/wazuh_worker.conf
+++ b/multi-node/config/wazuh_cluster/wazuh_worker.conf
@@ -95,69 +95,27 @@
    <skip_nfs>yes</skip_nfs>
  </sca>
-  <vulnerability-detector>
+  <vulnerability-detection>
-    <enabled>no</enabled>
+    <enabled>yes</enabled>
-    <interval>5m</interval>
+    <index-status>yes</index-status>
-    <min_full_scan_interval>6h</min_full_scan_interval>
+    <feed-update-interval>60m</feed-update-interval>
-    <run_on_start>yes</run_on_start>
+  </vulnerability-detection>
-    <!-- Ubuntu OS vulnerabilities -->
+  <indexer>
-    <provider name="canonical">
+    <enabled>yes</enabled>
-      <enabled>no</enabled>
+    <hosts>
-      <os>trusty</os>
+      <host>https://wazuh1.indexer:9200</host>
-      <os>xenial</os>
+      <host>https://wazuh2.indexer:9200</host>
-      <os>bionic</os>
+      <host>https://wazuh3.indexer:9200</host>
-      <os>focal</os>
+    </hosts>
-      <update_interval>1h</update_interval>
+    <ssl>
-    </provider>
+      <certificate_authorities>
-
+        <ca>/etc/ssl/root-ca.pem</ca>
-    <!-- Debian OS vulnerabilities -->
+      </certificate_authorities>
-    <provider name="debian">
+      <certificate>/etc/ssl/filebeat.pem</certificate>
-      <enabled>no</enabled>
+      <key>/etc/ssl/filebeat.key</key>
-      <os>stretch</os>
+    </ssl>
-      <os>buster</os>
+  </indexer>
      <os>bullseye</os>
      <update_interval>1h</update_interval>
    </provider>
    <!-- RedHat OS vulnerabilities -->
    <provider name="redhat">
      <enabled>no</enabled>
      <os>5</os>
      <os>6</os>
      <os>7</os>
      <os>8</os>
      <update_interval>1h</update_interval>
    </provider>
    <!-- Amazon Linux OS vulnerabilities -->
    <provider name="alas">
      <enabled>no</enabled>
      <os>amazon-linux</os>
      <os>amazon-linux-2</os>
      <update_interval>1h</update_interval>
    </provider>
    <!-- Arch OS vulnerabilities -->
    <provider name="arch">
      <enabled>no</enabled>
      <update_interval>1h</update_interval>
    </provider>
    <!-- Windows OS vulnerabilities -->
    <provider name="msu">
      <enabled>yes</enabled>
      <update_interval>1h</update_interval>
    </provider>
    <!-- Aggregate vulnerabilities -->
    <provider name="nvd">
      <enabled>yes</enabled>
      <update_from_year>2010</update_from_year>
      <update_interval>1h</update_interval>
    </provider>
  </vulnerability-detector>
  <!-- File integrity monitoring -->
  <syscheck>
@@ -349,24 +307,4 @@
    <location>/var/ossec/logs/active-responses.log</location>
  </localfile>
-  <localfile>
+</ossec_config>
    <log_format>syslog</log_format>
    <location>/var/log/auth.log</location>
  </localfile>
  <localfile>
    <log_format>syslog</log_format>
    <location>/var/log/syslog</location>
  </localfile>
  <localfile>
    <log_format>syslog</log_format>
    <location>/var/log/dpkg.log</location>
  </localfile>
  <localfile>
    <log_format>syslog</log_format>
    <location>/var/log/kern.log</location>
  </localfile>
 </ossec_config>
--- a/multi-node/config/wazuh_dashboard/opensearch_dashboards.yml
+++ b/multi-node/config/wazuh_dashboard/opensearch_dashboards.yml
@@ -9,4 +9,4 @@ server.ssl.enabled: true
 server.ssl.key: "/usr/share/wazuh-dashboard/certs/wazuh-dashboard-key.pem"
 server.ssl.certificate: "/usr/share/wazuh-dashboard/certs/wazuh-dashboard.pem"
 opensearch.ssl.certificateAuthorities: ["/usr/share/wazuh-dashboard/certs/root-ca.pem"]
-uiSettings.overrides.defaultRoute: /app/wazuh
+uiSettings.overrides.defaultRoute: /app/wz-home
--- a/multi-node/config/wazuh_dashboard/wazuh.yml
+++ b/multi-node/config/wazuh_dashboard/wazuh.yml
@@ -3,5 +3,5 @@ hosts:
      url: "https://wazuh.master"
      port: 55000
      username: wazuh-wui
-      password: MyS3cr37P450r.*-
+      password: "MyS3cr37P450r.*-"
      run_as: false
--- a/multi-node/docker-compose.yml
+++ b/multi-node/docker-compose.yml
@@ -3,9 +3,16 @@ version: '3.7'
 services:
  wazuh.master:
-    image: wazuh/wazuh-manager:4.3.4
+    image: wazuh/wazuh-manager:4.10.2
    hostname: wazuh.master
    restart: always
    ulimits:
      memlock:
        soft: -1
        hard: -1
      nofile:
        soft: 655360
        hard: 655360
    ports:
      - "1515:1515"
      - "514:514/udp"
@@ -38,9 +45,16 @@ services:
      - ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf
  wazuh.worker:
-    image: wazuh/wazuh-manager:4.3.4
+    image: wazuh/wazuh-manager:4.10.2
    hostname: wazuh.worker
    restart: always
    ulimits:
      memlock:
        soft: -1
        hard: -1
      nofile:
        soft: 655360
        hard: 655360
    environment:
      - INDEXER_URL=https://wazuh1.indexer:9200
      - INDEXER_USERNAME=admin
@@ -67,7 +81,7 @@ services:
      - ./config/wazuh_cluster/wazuh_worker.conf:/wazuh-config-mount/etc/ossec.conf
  wazuh1.indexer:
-    image: wazuh/wazuh-indexer:4.3.4
+    image: wazuh/wazuh-indexer:4.10.2
    hostname: wazuh1.indexer
    restart: always
    ports:
@@ -84,16 +98,16 @@ services:
        hard: 65536
    volumes:
      - wazuh-indexer-data-1:/var/lib/wazuh-indexer
-      - ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/config/certs/root-ca.pem
+      - ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/certs/root-ca.pem
-      - ./config/wazuh_indexer_ssl_certs/wazuh1.indexer-key.pem:/usr/share/wazuh-indexer/config/certs/wazuh1.indexer.key
+      - ./config/wazuh_indexer_ssl_certs/wazuh1.indexer-key.pem:/usr/share/wazuh-indexer/certs/wazuh1.indexer.key
-      - ./config/wazuh_indexer_ssl_certs/wazuh1.indexer.pem:/usr/share/wazuh-indexer/config/certs/wazuh1.indexer.pem
+      - ./config/wazuh_indexer_ssl_certs/wazuh1.indexer.pem:/usr/share/wazuh-indexer/certs/wazuh1.indexer.pem
-      - ./config/wazuh_indexer_ssl_certs/admin.pem:/usr/share/wazuh-indexer/config/certs/admin.pem
+      - ./config/wazuh_indexer_ssl_certs/admin.pem:/usr/share/wazuh-indexer/certs/admin.pem
-      - ./config/wazuh_indexer_ssl_certs/admin-key.pem:/usr/share/wazuh-indexer/config/certs/admin-key.pem
+      - ./config/wazuh_indexer_ssl_certs/admin-key.pem:/usr/share/wazuh-indexer/certs/admin-key.pem
-      - ./config/wazuh_indexer/wazuh1.indexer.yml:/usr/share/wazuh-indexer/config/opensearch.yml
+      - ./config/wazuh_indexer/wazuh1.indexer.yml:/usr/share/wazuh-indexer/opensearch.yml
-      - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/internal_users.yml
+      - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml
  wazuh2.indexer:
-    image: wazuh/wazuh-indexer:4.3.4
+    image: wazuh/wazuh-indexer:4.10.2
    hostname: wazuh2.indexer
    restart: always
    environment:
@@ -108,14 +122,14 @@ services:
        hard: 65536
    volumes:
      - wazuh-indexer-data-2:/var/lib/wazuh-indexer
-      - ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/config/certs/root-ca.pem
+      - ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/certs/root-ca.pem
-      - ./config/wazuh_indexer_ssl_certs/wazuh2.indexer-key.pem:/usr/share/wazuh-indexer/config/certs/wazuh2.indexer.key
+      - ./config/wazuh_indexer_ssl_certs/wazuh2.indexer-key.pem:/usr/share/wazuh-indexer/certs/wazuh2.indexer.key
-      - ./config/wazuh_indexer_ssl_certs/wazuh2.indexer.pem:/usr/share/wazuh-indexer/config/certs/wazuh2.indexer.pem
+      - ./config/wazuh_indexer_ssl_certs/wazuh2.indexer.pem:/usr/share/wazuh-indexer/certs/wazuh2.indexer.pem
-      - ./config/wazuh_indexer/wazuh2.indexer.yml:/usr/share/wazuh-indexer/config/opensearch.yml
+      - ./config/wazuh_indexer/wazuh2.indexer.yml:/usr/share/wazuh-indexer/opensearch.yml
-      - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/internal_users.yml
+      - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml
  wazuh3.indexer:
-    image: wazuh/wazuh-indexer:4.3.4
+    image: wazuh/wazuh-indexer:4.10.2
    hostname: wazuh3.indexer
    restart: always
    environment:
@@ -130,14 +144,14 @@ services:
        hard: 65536
    volumes:
      - wazuh-indexer-data-3:/var/lib/wazuh-indexer
-      - ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/config/certs/root-ca.pem
+      - ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/certs/root-ca.pem
-      - ./config/wazuh_indexer_ssl_certs/wazuh3.indexer-key.pem:/usr/share/wazuh-indexer/config/certs/wazuh3.indexer.key
+      - ./config/wazuh_indexer_ssl_certs/wazuh3.indexer-key.pem:/usr/share/wazuh-indexer/certs/wazuh3.indexer.key
-      - ./config/wazuh_indexer_ssl_certs/wazuh3.indexer.pem:/usr/share/wazuh-indexer/config/certs/wazuh3.indexer.pem
+      - ./config/wazuh_indexer_ssl_certs/wazuh3.indexer.pem:/usr/share/wazuh-indexer/certs/wazuh3.indexer.pem
-      - ./config/wazuh_indexer/wazuh3.indexer.yml:/usr/share/wazuh-indexer/config/opensearch.yml
+      - ./config/wazuh_indexer/wazuh3.indexer.yml:/usr/share/wazuh-indexer/opensearch.yml
-      - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/internal_users.yml
+      - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml
  wazuh.dashboard:
-    image: wazuh/wazuh-dashboard:4.3.4
+    image: wazuh/wazuh-dashboard:4.10.2
    hostname: wazuh.dashboard
    restart: always
    ports:
@@ -147,12 +161,16 @@ services:
      - WAZUH_API_URL="https://wazuh.master"
      - API_USERNAME=wazuh-wui
      - API_PASSWORD=MyS3cr37P450r.*-
      - DASHBOARD_USERNAME=kibanaserver
      - DASHBOARD_PASSWORD=kibanaserver
    volumes:
      - ./config/wazuh_indexer_ssl_certs/wazuh.dashboard.pem:/usr/share/wazuh-dashboard/certs/wazuh-dashboard.pem
      - ./config/wazuh_indexer_ssl_certs/wazuh.dashboard-key.pem:/usr/share/wazuh-dashboard/certs/wazuh-dashboard-key.pem
      - ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-dashboard/certs/root-ca.pem
      - ./config/wazuh_dashboard/opensearch_dashboards.yml:/usr/share/wazuh-dashboard/config/opensearch_dashboards.yml
      - ./config/wazuh_dashboard/wazuh.yml:/usr/share/wazuh-dashboard/data/wazuh/config/wazuh.yml
      - wazuh-dashboard-config:/usr/share/wazuh-dashboard/data/wazuh/config
      - wazuh-dashboard-custom:/usr/share/wazuh-dashboard/plugins/wazuh/public/assets/custom
    depends_on:
      - wazuh1.indexer
    links:
@@ -202,3 +220,5 @@ volumes:
  wazuh-indexer-data-1:
  wazuh-indexer-data-2:
  wazuh-indexer-data-3:
  wazuh-dashboard-config:
  wazuh-dashboard-custom:
--- a/multi-node/generate-indexer-certs.yml
+++ b/multi-node/generate-indexer-certs.yml
@@ -3,7 +3,7 @@ version: '3'
 services:
  generator:
-    image: wazuh/wazuh-certs-generator:0.0.1
+    image: wazuh/wazuh-certs-generator:0.0.2
    hostname: wazuh-certs-generator
    volumes:
      - ./config/wazuh_indexer_ssl_certs/:/certificates/
--- a/single-node/config/certs.yml
+++ b/single-node/config/certs.yml
@@ -13,4 +13,4 @@ nodes:
  # Wazuh dashboard node
  dashboard:
    - name: wazuh.dashboard
-      ip: wazuh.dashboard
+      ip: wazuh.dashboard
--- a/single-node/config/wazuh_cluster/wazuh_manager.conf
+++ b/single-node/config/wazuh_cluster/wazuh_manager.conf
@@ -95,69 +95,25 @@
    <skip_nfs>yes</skip_nfs>
  </sca>
-  <vulnerability-detector>
+  <vulnerability-detection>
-    <enabled>no</enabled>
+    <enabled>yes</enabled>
-    <interval>5m</interval>
+    <index-status>yes</index-status>
-    <min_full_scan_interval>6h</min_full_scan_interval>
+    <feed-update-interval>60m</feed-update-interval>
-    <run_on_start>yes</run_on_start>
+  </vulnerability-detection>
-    <!-- Ubuntu OS vulnerabilities -->
+  <indexer>
-    <provider name="canonical">
+    <enabled>yes</enabled>
-      <enabled>no</enabled>
+    <hosts>
-      <os>trusty</os>
+      <host>https://wazuh.indexer:9200</host>
-      <os>xenial</os>
+    </hosts>
-      <os>bionic</os>
+    <ssl>
-      <os>focal</os>
+      <certificate_authorities>
-      <update_interval>1h</update_interval>
+        <ca>/etc/ssl/root-ca.pem</ca>
-    </provider>
+      </certificate_authorities>
-
+      <certificate>/etc/ssl/filebeat.pem</certificate>
-    <!-- Debian OS vulnerabilities -->
+      <key>/etc/ssl/filebeat.key</key>
-    <provider name="debian">
+    </ssl>
-      <enabled>no</enabled>
+  </indexer>
      <os>stretch</os>
      <os>buster</os>
      <os>bullseye</os>
      <update_interval>1h</update_interval>
    </provider>
    <!-- RedHat OS vulnerabilities -->
    <provider name="redhat">
      <enabled>no</enabled>
      <os>5</os>
      <os>6</os>
      <os>7</os>
      <os>8</os>
      <update_interval>1h</update_interval>
    </provider>
    <!-- Amazon Linux OS vulnerabilities -->
    <provider name="alas">
      <enabled>no</enabled>
      <os>amazon-linux</os>
      <os>amazon-linux-2</os>
      <update_interval>1h</update_interval>
    </provider>
    <!-- Arch OS vulnerabilities -->
    <provider name="arch">
      <enabled>no</enabled>
      <update_interval>1h</update_interval>
    </provider>
    <!-- Windows OS vulnerabilities -->
    <provider name="msu">
      <enabled>yes</enabled>
      <update_interval>1h</update_interval>
    </provider>
    <!-- Aggregate vulnerabilities -->
    <provider name="nvd">
      <enabled>yes</enabled>
      <update_from_year>2010</update_from_year>
      <update_interval>1h</update_interval>
    </provider>
  </vulnerability-detector>
  <!-- File integrity monitoring -->
  <syscheck>
@@ -331,11 +287,11 @@
    <name>wazuh</name>
    <node_name>node01</node_name>
    <node_type>master</node_type>
-    <key></key>
+    <key>aa093264ef885029653eea20dfcf51ae</key>
    <port>1516</port>
    <bind_addr>0.0.0.0</bind_addr>
    <nodes>
-        <node>NODE_IP</node>
+        <node>wazuh.manager</node>
    </nodes>
    <hidden>no</hidden>
    <disabled>yes</disabled>
--- a/single-node/config/wazuh_dashboard/opensearch_dashboards.yml
+++ b/single-node/config/wazuh_dashboard/opensearch_dashboards.yml
@@ -9,4 +9,4 @@ server.ssl.enabled: true
 server.ssl.key: "/usr/share/wazuh-dashboard/certs/wazuh-dashboard-key.pem"
 server.ssl.certificate: "/usr/share/wazuh-dashboard/certs/wazuh-dashboard.pem"
 opensearch.ssl.certificateAuthorities: ["/usr/share/wazuh-dashboard/certs/root-ca.pem"]
-uiSettings.overrides.defaultRoute: /app/wazuh
+uiSettings.overrides.defaultRoute: /app/wz-home
--- a/single-node/config/wazuh_dashboard/wazuh.yml
+++ b/single-node/config/wazuh_dashboard/wazuh.yml
@@ -3,5 +3,5 @@ hosts:
      url: "https://wazuh.manager"
      port: 55000
      username: wazuh-wui
-      password: MyS3cr37P450r.*-
+      password: "MyS3cr37P450r.*-"
      run_as: false
--- a/single-node/config/wazuh_indexer/wazuh.indexer.yml
+++ b/single-node/config/wazuh_indexer/wazuh.indexer.yml
@@ -3,13 +3,15 @@ node.name: "wazuh.indexer"
 path.data: /var/lib/wazuh-indexer
 path.logs: /var/log/wazuh-indexer
 discovery.type: single-node
 http.port: 9200-9299
 transport.tcp.port: 9300-9399
 compatibility.override_main_response_version: true
-plugins.security.ssl.http.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/certs/wazuh.indexer.pem
+plugins.security.ssl.http.pemcert_filepath: /usr/share/wazuh-indexer/certs/wazuh.indexer.pem
-plugins.security.ssl.http.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/certs/wazuh.indexer.key
+plugins.security.ssl.http.pemkey_filepath: /usr/share/wazuh-indexer/certs/wazuh.indexer.key
-plugins.security.ssl.http.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/certs/root-ca.pem
+plugins.security.ssl.http.pemtrustedcas_filepath: /usr/share/wazuh-indexer/certs/root-ca.pem
-plugins.security.ssl.transport.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/certs/wazuh.indexer.pem
+plugins.security.ssl.transport.pemcert_filepath: /usr/share/wazuh-indexer/certs/wazuh.indexer.pem
-plugins.security.ssl.transport.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/certs/wazuh.indexer.key
+plugins.security.ssl.transport.pemkey_filepath: /usr/share/wazuh-indexer/certs/wazuh.indexer.key
-plugins.security.ssl.transport.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/certs/root-ca.pem
+plugins.security.ssl.transport.pemtrustedcas_filepath: /usr/share/wazuh-indexer/certs/root-ca.pem
 plugins.security.ssl.http.enabled: true
 plugins.security.ssl.transport.enforce_hostname_verification: false
 plugins.security.ssl.transport.resolve_hostname: false
--- a/single-node/docker-compose.yml
+++ b/single-node/docker-compose.yml
@@ -3,9 +3,16 @@ version: '3.7'
 services:
  wazuh.manager:
-    image: wazuh/wazuh-manager:4.3.4
+    image: wazuh/wazuh-manager:4.10.2
    hostname: wazuh.manager
    restart: always
    ulimits:
      memlock:
        soft: -1
        hard: -1
      nofile:
        soft: 655360
        hard: 655360
    ports:
      - "1514:1514"
      - "1515:1515"
@@ -39,13 +46,13 @@ services:
      - ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf
  wazuh.indexer:
-    image: wazuh/wazuh-indexer:4.3.4
+    image: wazuh/wazuh-indexer:4.10.2
    hostname: wazuh.indexer
    restart: always
    ports:
      - "9200:9200"
    environment:
-      - "OPENSEARCH_JAVA_OPTS=-Xms512m -Xmx512m"
+      - "OPENSEARCH_JAVA_OPTS=-Xms1g -Xmx1g"
    ulimits:
      memlock:
        soft: -1
@@ -55,16 +62,16 @@ services:
        hard: 65536
    volumes:
      - wazuh-indexer-data:/var/lib/wazuh-indexer
-      - ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/config/certs/root-ca.pem
+      - ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/certs/root-ca.pem
-      - ./config/wazuh_indexer_ssl_certs/wazuh.indexer-key.pem:/usr/share/wazuh-indexer/config/certs/wazuh.indexer.key
+      - ./config/wazuh_indexer_ssl_certs/wazuh.indexer-key.pem:/usr/share/wazuh-indexer/certs/wazuh.indexer.key
-      - ./config/wazuh_indexer_ssl_certs/wazuh.indexer.pem:/usr/share/wazuh-indexer/config/certs/wazuh.indexer.pem
+      - ./config/wazuh_indexer_ssl_certs/wazuh.indexer.pem:/usr/share/wazuh-indexer/certs/wazuh.indexer.pem
-      - ./config/wazuh_indexer_ssl_certs/admin.pem:/usr/share/wazuh-indexer/config/certs/admin.pem
+      - ./config/wazuh_indexer_ssl_certs/admin.pem:/usr/share/wazuh-indexer/certs/admin.pem
-      - ./config/wazuh_indexer_ssl_certs/admin-key.pem:/usr/share/wazuh-indexer/config/certs/admin-key.pem
+      - ./config/wazuh_indexer_ssl_certs/admin-key.pem:/usr/share/wazuh-indexer/certs/admin-key.pem
-      - ./config/wazuh_indexer/wazuh.indexer.yml:/usr/share/wazuh-indexer/config/opensearch.yml
+      - ./config/wazuh_indexer/wazuh.indexer.yml:/usr/share/wazuh-indexer/opensearch.yml
-      - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/internal_users.yml
+      - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml
  wazuh.dashboard:
-    image: wazuh/wazuh-dashboard:4.3.4
+    image: wazuh/wazuh-dashboard:4.10.2
    hostname: wazuh.dashboard
    restart: always
    ports:
@@ -73,6 +80,8 @@ services:
      - INDEXER_USERNAME=admin
      - INDEXER_PASSWORD=SecretPassword
      - WAZUH_API_URL=https://wazuh.manager
      - DASHBOARD_USERNAME=kibanaserver
      - DASHBOARD_PASSWORD=kibanaserver
      - API_USERNAME=wazuh-wui
      - API_PASSWORD=MyS3cr37P450r.*-
    volumes:
@@ -81,6 +90,8 @@ services:
      - ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-dashboard/certs/root-ca.pem
      - ./config/wazuh_dashboard/opensearch_dashboards.yml:/usr/share/wazuh-dashboard/config/opensearch_dashboards.yml
      - ./config/wazuh_dashboard/wazuh.yml:/usr/share/wazuh-dashboard/data/wazuh/config/wazuh.yml
      - wazuh-dashboard-config:/usr/share/wazuh-dashboard/data/wazuh/config
      - wazuh-dashboard-custom:/usr/share/wazuh-dashboard/plugins/wazuh/public/assets/custom
    depends_on:
      - wazuh.indexer
    links:
@@ -100,3 +111,5 @@ volumes:
  filebeat_etc:
  filebeat_var:
  wazuh-indexer-data:
  wazuh-dashboard-config:
  wazuh-dashboard-custom:
--- a/single-node/generate-indexer-certs.yml
+++ b/single-node/generate-indexer-certs.yml
@@ -3,8 +3,8 @@ version: '3'
 services:
  generator:
-    image: wazuh/wazuh-certs-generator:0.0.1
+    image: wazuh/wazuh-certs-generator:0.0.2
    hostname: wazuh-certs-generator
    volumes:
      - ./config/wazuh_indexer_ssl_certs/:/certificates/
-      - ./config/certs.yml:/config/certs.yml
+      - ./config/certs.yml:/config/certs.yml
`@@ -1,2 +1,2 @@`
	`WAZUH-DOCKER_VERSION="4.3.4"`	`WAZUH-DOCKER_VERSION="4.10.2"`
	`REVISION="40316"`	`REVISION="41021"`