diff --git a/CHANGELOG.md b/CHANGELOG.md
index 52a4437f..76e24d67 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -9,6 +9,7 @@ All notable changes to this project will be documented in this file.
 ### Changed
+- Wazuh server clean-up ([#2030](https://github.com/wazuh/wazuh-puppet/issues/2030))
 - Fix OpenSearch deprecated settings ([#1366](https://github.com/wazuh/wazuh-puppet/issues/1366))
 ### Fixed
diff --git a/build-docker-images/build-images.yml b/build-docker-images/build-images.yml
index ed784cec..35d8d7a2 100644
--- a/build-docker-images/build-images.yml
+++ b/build-docker-images/build-images.yml
@@ -27,9 +27,7 @@ services:
 - wazuh_logs:/var/ossec/logs
 - wazuh_queue:/var/ossec/queue
 - wazuh_var_multigroups:/var/ossec/var/multigroups
- - wazuh_integrations:/var/ossec/integrations
 - wazuh_active_response:/var/ossec/active-response/bin
- - wazuh_agentless:/var/ossec/agentless
 - wazuh_wodles:/var/ossec/wodles
 - filebeat_etc:/etc/filebeat
 - filebeat_var:/var/lib/filebeat
@@ -94,9 +92,7 @@ volumes:
 wazuh_logs:
 wazuh_queue:
 wazuh_var_multigroups:
- wazuh_integrations:
 wazuh_active_response:
- wazuh_agentless:
 wazuh_wodles:
 filebeat_etc:
 filebeat_var:
diff --git a/build-docker-images/wazuh-manager/Dockerfile b/build-docker-images/wazuh-manager/Dockerfile
index 7bbfdfc7..d2c11083 100644
--- a/build-docker-images/wazuh-manager/Dockerfile
+++ b/build-docker-images/wazuh-manager/Dockerfile
@@ -50,9 +50,6 @@ RUN chmod go-w /etc/filebeat/wazuh-template.json
 RUN mkdir -p /var/ossec/var/multigroups && \
 chown root:wazuh /var/ossec/var/multigroups && \
 chmod 770 /var/ossec/var/multigroups && \
- mkdir -p /var/ossec/agentless && \
- chown root:wazuh /var/ossec/agentless && \
- chmod 770 /var/ossec/agentless && \
 mkdir -p /var/ossec/active-response/bin && \
 chown root:wazuh /var/ossec/active-response/bin && \
 chmod 770 /var/ossec/active-response/bin && \
diff --git a/build-docker-images/wazuh-manager/config/etc/cont-init.d/2-manager b/build-docker-images/wazuh-manager/config/etc/cont-init.d/2-manager
index ff3e1fdd..ebd08eb1 100644
--- a/build-docker-images/wazuh-manager/config/etc/cont-init.d/2-manager
+++ b/build-docker-images/wazuh-manager/config/etc/cont-init.d/2-manager
@@ -60,12 +60,6 @@ function_wazuh_migration(){
 chown wazuh:wazuh /var/ossec/etc/rules/*
 chmod 660 /var/ossec/etc/rules/*
- if [ -e /wazuh-migration/data/agentless/.passlist ]; then
- \cp -f /wazuh-migration/data/agentless/.passlist /var/ossec/agentless/.passlist
- chown root:wazuh /var/ossec/agentless/.passlist
- chmod 640 /var/ossec/agentless/.passlist
- fi
-
 \cp -f /wazuh-migration/global.db /var/ossec/queue/db/global.db
 chown wazuh:wazuh /var/ossec/queue/db/global.db
 chmod 640 /var/ossec/queue/db/global.db
diff --git a/build-docker-images/wazuh-manager/config/permanent_data.env b/build-docker-images/wazuh-manager/config/permanent_data.env
index 132dc492..26a61289 100644
--- a/build-docker-images/wazuh-manager/config/permanent_data.env
+++ b/build-docker-images/wazuh-manager/config/permanent_data.env
@@ -4,9 +4,7 @@ PERMANENT_DATA[((i++))]="/var/ossec/api/configuration"
 PERMANENT_DATA[((i++))]="/var/ossec/etc"
 PERMANENT_DATA[((i++))]="/var/ossec/logs"
 PERMANENT_DATA[((i++))]="/var/ossec/queue"
-PERMANENT_DATA[((i++))]="/var/ossec/agentless"
 PERMANENT_DATA[((i++))]="/var/ossec/var/multigroups"
-PERMANENT_DATA[((i++))]="/var/ossec/integrations"
 PERMANENT_DATA[((i++))]="/var/ossec/active-response/bin"
 PERMANENT_DATA[((i++))]="/var/ossec/wodles"
 PERMANENT_DATA[((i++))]="/etc/filebeat"
@@ -16,16 +14,6 @@ export PERMANENT_DATA
 # Files mounted in a volume that should not be permanent
 i=0
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/etc/internal_options.conf"
-PERMANENT_DATA_EXCP[((i++))]="/var/ossec/integrations/slack"
-PERMANENT_DATA_EXCP[((i++))]="/var/ossec/integrations/slack.py"
-PERMANENT_DATA_EXCP[((i++))]="/var/ossec/integrations/virustotal"
-PERMANENT_DATA_EXCP[((i++))]="/var/ossec/integrations/virustotal.py"
-PERMANENT_DATA_EXCP[((i++))]="/var/ossec/integrations/shuffle"
-PERMANENT_DATA_EXCP[((i++))]="/var/ossec/integrations/shuffle.py"
-PERMANENT_DATA_EXCP[((i++))]="/var/ossec/integrations/pagerduty"
-PERMANENT_DATA_EXCP[((i++))]="/var/ossec/integrations/pagerduty.py"
-PERMANENT_DATA_EXCP[((i++))]="/var/ossec/integrations/maltiverse"
-PERMANENT_DATA_EXCP[((i++))]="/var/ossec/integrations/maltiverse.py"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/active-response/bin/default-firewall-drop"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/active-response/bin/disable-account"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/active-response/bin/firewalld-drop"
@@ -41,18 +29,6 @@ PERMANENT_DATA_EXCP[((i++))]="/var/ossec/active-response/bin/pf"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/active-response/bin/restart-wazuh"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/active-response/bin/restart.sh"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/active-response/bin/route-null"
-PERMANENT_DATA_EXCP[((i++))]="/var/ossec/agentless/sshlogin.exp"
-PERMANENT_DATA_EXCP[((i++))]="/var/ossec/agentless/ssh_pixconfig_diff"
-PERMANENT_DATA_EXCP[((i++))]="/var/ossec/agentless/ssh_asa-fwsmconfig_diff"
-PERMANENT_DATA_EXCP[((i++))]="/var/ossec/agentless/ssh_integrity_check_bsd"
-PERMANENT_DATA_EXCP[((i++))]="/var/ossec/agentless/main.exp"
-PERMANENT_DATA_EXCP[((i++))]="/var/ossec/agentless/su.exp"
-PERMANENT_DATA_EXCP[((i++))]="/var/ossec/agentless/ssh_integrity_check_linux"
-PERMANENT_DATA_EXCP[((i++))]="/var/ossec/agentless/register_host.sh"
-PERMANENT_DATA_EXCP[((i++))]="/var/ossec/agentless/ssh_generic_diff"
-PERMANENT_DATA_EXCP[((i++))]="/var/ossec/agentless/ssh_foundry_diff"
-PERMANENT_DATA_EXCP[((i++))]="/var/ossec/agentless/ssh_nopass.exp"
-PERMANENT_DATA_EXCP[((i++))]="/var/ossec/agentless/ssh.exp"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/utils.py"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/aws/aws-s3"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/aws/aws-s3.py"
diff --git a/docs/ref/configuration/configuration-files.md b/docs/ref/configuration/configuration-files.md
index 4965b89e..429a85f5 100644
--- a/docs/ref/configuration/configuration-files.md
+++ b/docs/ref/configuration/configuration-files.md
@@ -2,7 +2,7 @@
 ### 1. Wazuh Manager Configuration
-* **`ossec.conf`**: The main configuration file for the Wazuh manager. It controls rules, decoders, agent enrollment, active responses, integrations, clustering, and more.
+* **`ossec.conf`**: The main configuration file for the Wazuh manager. It controls rules, decoders, agent enrollment, active responses, clustering, and more.
 * **Customization**: Mount a custom `ossec.conf` or specific configuration snippets (e.g., local rules in `local_rules.xml`) into the manager container at `/wazuh-mount-point/`, which will be copied to the path `/var/ossec` (e.g., the file `/var/ossec/etc/ossec.conf` must be mounted at `/wazuh-mount-point/etc/ossec.conf`) .
 ### 2. Wazuh Indexer Configuration
diff --git a/multi-node/Migration-to-Wazuh-4.4.md b/multi-node/Migration-to-Wazuh-4.4.md
index 3ff10a84..0d192f2c 100644
--- a/multi-node/Migration-to-Wazuh-4.4.md
+++ b/multi-node/Migration-to-Wazuh-4.4.md
@@ -80,13 +80,6 @@ docker volume create \
 multi-node_master-wazuh-var-multigroups
 ```
 ```
-docker volume create \
- --label com.docker.compose.project=multi-node \
- --label com.docker.compose.version=1.25.0 \
- --label com.docker.compose.volume=master-wazuh-integrations \
- multi-node_master-wazuh-integrations
-```
-```
 docker volume create \
 --label com.docker.compose.project=multi-node \
 --label com.docker.compose.version=1.25.0 \
@@ -94,13 +87,6 @@ docker volume create \
 multi-node_master-wazuh-active-response
 ```
 ```
-docker volume create \
- --label com.docker.compose.project=multi-node \
- --label com.docker.compose.version=1.25.0 \
- --label com.docker.compose.volume=master-wazuh-agentless \
- multi-node_master-wazuh-agentless
-```
-```
 docker volume create \
 --label com.docker.compose.project=multi-node \
 --label com.docker.compose.version=1.25.0 \
@@ -157,13 +143,6 @@ docker volume create \
 multi-node_worker-wazuh-var-multigroups
 ```
 ```
-docker volume create \
- --label com.docker.compose.project=multi-node \
- --label com.docker.compose.version=1.25.0 \
- --label com.docker.compose.volume=worker-wazuh-integrations \
- multi-node_worker-wazuh-integrations
-```
-```
 docker volume create \
 --label com.docker.compose.project=multi-node \
 --label com.docker.compose.version=1.25.0 \
@@ -171,13 +150,6 @@ docker volume create \
 multi-node_worker-wazuh-active-response
 ```
 ```
-docker volume create \
- --label com.docker.compose.project=multi-node \
- --label com.docker.compose.version=1.25.0 \
- --label com.docker.compose.volume=worker-wazuh-agentless \
- multi-node_worker-wazuh-agentless
-```
-```
 docker volume create \
 --label com.docker.compose.project=multi-node \
 --label com.docker.compose.version=1.25.0 \
@@ -248,24 +220,12 @@ docker container run --rm -it \
 alpine ash -c "cd /from ; cp -avp . /to"
 ```
 ```
-docker container run --rm -it \
- -v wazuh-docker_ossec-integrations:/from \
- -v multi-node_master-wazuh-integrations:/to \
- alpine ash -c "cd /from ; cp -avp . /to"
-```
-```
 docker container run --rm -it \
 -v wazuh-docker_ossec-active-response:/from \
 -v multi-node_master-wazuh-active-response:/to \
 alpine ash -c "cd /from ; cp -avp . /to"
 ```
 ```
-docker container run --rm -it \
- -v wazuh-docker_ossec-agentless:/from \
- -v multi-node_master-wazuh-agentless:/to \
- alpine ash -c "cd /from ; cp -avp . /to"
-```
-```
 docker container run --rm -it \
 -v wazuh-docker_ossec-wodles:/from \
 -v multi-node_master-wazuh-wodles:/to \
@@ -314,24 +274,12 @@ docker container run --rm -it \
 alpine ash -c "cd /from ; cp -avp . /to"
 ```
 ```
-docker container run --rm -it \
- -v wazuh-docker_worker-ossec-integrations:/from \
- -v multi-node_worker-wazuh-integrations:/to \
- alpine ash -c "cd /from ; cp -avp . /to"
-```
-```
 docker container run --rm -it \
 -v wazuh-docker_worker-ossec-active-response:/from \
 -v multi-node_worker-wazuh-active-response:/to \
 alpine ash -c "cd /from ; cp -avp . /to"
 ```
 ```
-docker container run --rm -it \
- -v wazuh-docker_worker-ossec-agentless:/from \
- -v multi-node_worker-wazuh-agentless:/to \
- alpine ash -c "cd /from ; cp -avp . /to"
-```
-```
 docker container run --rm -it \
 -v wazuh-docker_worker-ossec-wodles:/from \
 -v multi-node_worker-wazuh-wodles:/to \
diff --git a/multi-node/config/wazuh_cluster/wazuh_manager.conf b/multi-node/config/wazuh_cluster/wazuh_manager.conf
index b1f32c8b..600b3e88 100644
--- a/multi-node/config/wazuh_cluster/wazuh_manager.conf
+++ b/multi-node/config/wazuh_cluster/wazuh_manager.conf
@@ -1,24 +1,10 @@
- yes - yes - no - no - no - smtp.example.wazuh.com - wazuh@example.wazuh.com - recipient@example.wazuh.com - 12 - alerts.log - 10m + 15m 0 + yes - - 3 - 12 - - plain
@@ -34,8 +20,6 @@
 no - yes - yes yes yes yes
@@ -45,31 +29,12 @@
 43200 - etc/rootcheck/rootkit_files.txt - etc/rootcheck/rootkit_trojans.txt - yes + + /var/lib/containerd + /var/lib/docker/overlay2 - - yes - 1800 - 1d - yes - - wodles/java - wodles/ciscat - - - - - yes - yes - /var/log/osquery/osqueryd.results.log - /etc/osquery/osquery.conf - yes - - no
@@ -81,9 +46,15 @@
 yes yes yes + yes + yes + yes + yes + yes + 5m 10
@@ -92,7 +63,13 @@
 yes yes 12h - yes + + + + yes + 5m + 10 +
@@ -124,8 +101,6 @@
 43200 - yes - yes
@@ -165,13 +140,12 @@
 10 - 100 + 50 yes 5m - 1h 10
@@ -266,13 +240,6 @@
 etc/rules - - yes - 1 - 64 - 15m - - no
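Review bot: The two paths added in the `@@ -45,31 +29,12 @@` hunk of wazuh_manager.conf, `/var/lib/containerd` and `/var/lib/docker/overlay2`, carry no comment saying why they are listed, and the enclosing element names are not recoverable from this rendering of the hunk, so a reader cannot tell whether they are monitored directories or exclusions. Either way they are the container runtime's own layer stores, so a one-line XML comment above them stating the intent, e.g. `<!-- container runtime layer stores: <reason for listing them here> -->` with the real reason filled in, would keep the next maintainer from silently reverting the entry. The `100` → `50` change and the dropped `1h` entry in the `@@ -165,13 +140,12 @@` hunk are likewise unexplained tuning and deserve the same treatment. Identical hunks appear in multi-node/config/wazuh_cluster/wazuh_worker.conf and single-node/config/wazuh_cluster/wazuh_manager.conf, so whatever comment is chosen should land in all three, or the shared settings should be kept in one place.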
@@ -305,9 +272,19 @@
+ + journald journald + + + + audit + /var/log/audit/audit.log + + syslog /var/ossec/logs/active-responses.log - +
\ No newline at end of file
diff --git a/multi-node/config/wazuh_cluster/wazuh_worker.conf b/multi-node/config/wazuh_cluster/wazuh_worker.conf
index 7b89dc63..b85335cd 100644
--- a/multi-node/config/wazuh_cluster/wazuh_worker.conf
+++ b/multi-node/config/wazuh_cluster/wazuh_worker.conf
@@ -1,24 +1,10 @@
- yes - yes - no - no - no - smtp.example.wazuh.com - wazuh@example.wazuh.com - recipient@example.wazuh.com - 12 - alerts.log - 10m + 15m 0 + yes - - 3 - 12 - - plain
@@ -34,8 +20,6 @@
 no - yes - yes yes yes yes
@@ -45,31 +29,12 @@
 43200 - etc/rootcheck/rootkit_files.txt - etc/rootcheck/rootkit_trojans.txt - yes + + /var/lib/containerd + /var/lib/docker/overlay2 - - yes - 1800 - 1d - yes - - wodles/java - wodles/ciscat - - - - - yes - yes - /var/log/osquery/osqueryd.results.log - /etc/osquery/osquery.conf - yes - - no
@@ -81,9 +46,15 @@
 yes yes yes + yes + yes + yes + yes + yes + 5m 10
@@ -92,7 +63,13 @@
 yes yes 12h - yes + + + + yes + 5m + 10 +
@@ -124,8 +101,6 @@
 43200 - yes - yes
@@ -165,13 +140,12 @@
 10 - 100 + 50 yes 5m - 1h 10
@@ -266,13 +240,6 @@
 etc/rules - - yes - 1 - 64 - 15m - - no
@@ -305,9 +272,19 @@
+ + journald journald + + + + audit + /var/log/audit/audit.log + + syslog /var/ossec/logs/active-responses.log - +
\ No newline at end of file
diff --git a/multi-node/docker-compose.yml b/multi-node/docker-compose.yml
index d67c4eb9..ddf9c9ed 100644
--- a/multi-node/docker-compose.yml
+++ b/multi-node/docker-compose.yml
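Review bot: The new side of the `@@ -305,9 +272,19 @@` hunk of wazuh_manager.conf ends with `\ No newline at end of file`, so the closing element was rewritten without a trailing newline; restoring it keeps the file POSIX-clean and avoids a spurious last-line change in every future diff. The same hunk appears to add log-collection entries for `journald` and for `/var/log/audit/audit.log` (the element names are stripped in this rendering, but the values follow the same format/location pairing as the existing `syslog` / `/var/ossec/logs/active-responses.log` entry); inside the manager container those sources exist only if the host journal and audit log are mounted in, and the docker-compose.yml hunks in this commit only remove volumes and add no such mount, though a mount outside these hunks may already cover it and is worth confirming. If the entries are meant to be opt-in, a comment next to them, e.g. `<!-- requires the host audit log to be mounted read-only at this path -->`, would make that explicit. The same change is in multi-node/config/wazuh_cluster/wazuh_worker.conf (its `@@ -305,9 +272,19 @@` hunk) and single-node/config/wazuh_cluster/wazuh_manager.conf (`@@ -303,9 +270,19 @@`).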
@@ -31,9 +31,7 @@ services:
 - master-wazuh-logs:/var/ossec/logs
 - master-wazuh-queue:/var/ossec/queue
 - master-wazuh-var-multigroups:/var/ossec/var/multigroups
- - master-wazuh-integrations:/var/ossec/integrations
 - master-wazuh-active-response:/var/ossec/active-response/bin
- - master-wazuh-agentless:/var/ossec/agentless
 - master-wazuh-wodles:/var/ossec/wodles
 - master-filebeat-etc:/etc/filebeat
 - master-filebeat-var:/var/lib/filebeat
@@ -67,9 +65,7 @@ services:
 - worker-wazuh-logs:/var/ossec/logs
 - worker-wazuh-queue:/var/ossec/queue
 - worker-wazuh-var-multigroups:/var/ossec/var/multigroups
- - worker-wazuh-integrations:/var/ossec/integrations
 - worker-wazuh-active-response:/var/ossec/active-response/bin
- - worker-wazuh-agentless:/var/ossec/agentless
 - worker-wazuh-wodles:/var/ossec/wodles
 - worker-filebeat-etc:/etc/filebeat
 - worker-filebeat-var:/var/lib/filebeat
@@ -198,9 +194,7 @@ volumes:
 master-wazuh-logs:
 master-wazuh-queue:
 master-wazuh-var-multigroups:
- master-wazuh-integrations:
 master-wazuh-active-response:
- master-wazuh-agentless:
 master-wazuh-wodles:
 master-filebeat-etc:
 master-filebeat-var:
@@ -209,9 +203,7 @@ volumes:
 worker-wazuh-logs:
 worker-wazuh-queue:
 worker-wazuh-var-multigroups:
- worker-wazuh-integrations:
 worker-wazuh-active-response:
- worker-wazuh-agentless:
 worker-wazuh-wodles:
 worker-filebeat-etc:
 worker-filebeat-var:
diff --git a/multi-node/volume-migrator.sh b/multi-node/volume-migrator.sh
index f11a1da6..21c3d255 100755
--- a/multi-node/volume-migrator.sh
+++ b/multi-node/volume-migrator.sh
@@ -46,24 +46,12 @@ docker volume create \
 --label com.docker.compose.volume=master-wazuh-var-multigroups \
 $2_master-wazuh-var-multigroups
-docker volume create \
- --label com.docker.compose.project=$2 \
- --label com.docker.compose.version=$1 \
- --label com.docker.compose.volume=master-wazuh-integrations \
- $2_master-wazuh-integrations
-
 docker volume create \
 --label com.docker.compose.project=$2 \
 --label com.docker.compose.version=$1 \
 --label com.docker.compose.volume=master-wazuh-active-response \
 $2_master-wazuh-active-response
-docker volume create \
- --label com.docker.compose.project=$2 \
- --label com.docker.compose.version=$1 \
- --label com.docker.compose.volume=master-wazuh-agentless \
- $2_master-wazuh-agentless
-
 docker volume create \
 --label com.docker.compose.project=$2 \
 --label com.docker.compose.version=$1 \
@@ -112,24 +100,12 @@ docker volume create \
 --label com.docker.compose.volume=worker-wazuh-var-multigroups \
 $2_worker-wazuh-var-multigroups
-docker volume create \
- --label com.docker.compose.project=$2 \
- --label com.docker.compose.version=$1 \
- --label com.docker.compose.volume=worker-wazuh-integrations \
- $2_worker-wazuh-integrations
-
 docker volume create \
 --label com.docker.compose.project=$2 \
 --label com.docker.compose.version=$1 \
 --label com.docker.compose.volume=worker-wazuh-active-response \
 $2_worker-wazuh-active-response
-docker volume create \
- --label com.docker.compose.project=$2 \
- --label com.docker.compose.version=$1 \
- --label com.docker.compose.volume=worker-wazuh-agentless \
- $2_worker-wazuh-agentless
-
 docker volume create \
 --label com.docker.compose.project=$2 \
 --label com.docker.compose.version=$1 \
@@ -193,21 +169,11 @@ docker container run --rm -it \
 -v $2_master-wazuh-var-multigroups:/to \
 alpine ash -c "cd /from ; cp -avp . /to"
-docker container run --rm -it \
- -v wazuh-docker_ossec-integrations:/from \
- -v $2_master-wazuh-integrations:/to \
- alpine ash -c "cd /from ; cp -avp . /to"
-
 docker container run --rm -it \
 -v wazuh-docker_ossec-active-response:/from \
 -v $2_master-wazuh-active-response:/to \
 alpine ash -c "cd /from ; cp -avp . /to"
-docker container run --rm -it \
- -v wazuh-docker_ossec-agentless:/from \
- -v $2_master-wazuh-agentless:/to \
- alpine ash -c "cd /from ; cp -avp . /to"
-
 docker container run --rm -it \
 -v wazuh-docker_ossec-wodles:/from \
 -v $2_master-wazuh-wodles:/to \
@@ -248,21 +214,11 @@ docker container run --rm -it \
 -v $2_worker-wazuh-var-multigroups:/to \
 alpine ash -c "cd /from ; cp -avp . /to"
-docker container run --rm -it \
- -v wazuh-docker_worker-ossec-integrations:/from \
- -v $2_worker-wazuh-integrations:/to \
- alpine ash -c "cd /from ; cp -avp . /to"
-
 docker container run --rm -it \
 -v wazuh-docker_worker-ossec-active-response:/from \
 -v $2_worker-wazuh-active-response:/to \
 alpine ash -c "cd /from ; cp -avp . /to"
-docker container run --rm -it \
- -v wazuh-docker_worker-ossec-agentless:/from \
- -v $2_worker-wazuh-agentless:/to \
- alpine ash -c "cd /from ; cp -avp . /to"
-
 docker container run --rm -it \
 -v wazuh-docker_worker-ossec-wodles:/from \
 -v $2_worker-wazuh-wodles:/to \
diff --git a/single-node/config/wazuh_cluster/wazuh_manager.conf b/single-node/config/wazuh_cluster/wazuh_manager.conf
index c5f16dd9..4f00c24d 100644
--- a/single-node/config/wazuh_cluster/wazuh_manager.conf
+++ b/single-node/config/wazuh_cluster/wazuh_manager.conf
@@ -1,24 +1,10 @@
- yes - yes - no - no - no - smtp.example.wazuh.com - wazuh@example.wazuh.com - recipient@example.wazuh.com - 12 - alerts.log - 10m + 15m 0 + yes - - 3 - 12 - - plain
@@ -34,8 +20,6 @@
 no - yes - yes yes yes yes
@@ -45,31 +29,12 @@
 43200 - etc/rootcheck/rootkit_files.txt - etc/rootcheck/rootkit_trojans.txt - yes + + /var/lib/containerd + /var/lib/docker/overlay2 - - yes - 1800 - 1d - yes - - wodles/java - wodles/ciscat - - - - - yes - yes - /var/log/osquery/osqueryd.results.log - /etc/osquery/osquery.conf - yes - - no
@@ -81,9 +46,15 @@
 yes yes yes + yes + yes + yes + yes + yes + 5m 10
@@ -92,7 +63,13 @@
 yes yes 12h - yes + + + + yes + 5m + 10 +
@@ -122,8 +99,6 @@
 43200 - yes - yes
@@ -163,13 +138,12 @@
 10 - 100 + 50 yes 5m - 1h 10
@@ -264,13 +238,6 @@
 etc/rules - - yes - 1 - 64 - 15m - - no
@@ -303,9 +270,19 @@
+ + journald journald + + + + audit + /var/log/audit/audit.log + + syslog /var/ossec/logs/active-responses.log - +
\ No newline at end of file
diff --git a/single-node/docker-compose.yml b/single-node/docker-compose.yml
index 8ad1c4a2..365ab29b 100644
--- a/single-node/docker-compose.yml
+++ b/single-node/docker-compose.yml
@@ -32,9 +32,7 @@ services:
 - wazuh_logs:/var/ossec/logs
 - wazuh_queue:/var/ossec/queue
 - wazuh_var_multigroups:/var/ossec/var/multigroups
- - wazuh_integrations:/var/ossec/integrations
 - wazuh_active_response:/var/ossec/active-response/bin
- - wazuh_agentless:/var/ossec/agentless
 - wazuh_wodles:/var/ossec/wodles
 - filebeat_etc:/etc/filebeat
 - filebeat_var:/var/lib/filebeat
@@ -102,9 +100,7 @@ volumes:
 wazuh_logs:
 wazuh_queue:
 wazuh_var_multigroups:
- wazuh_integrations:
 wazuh_active_response:
- wazuh_agentless:
 wazuh_wodles:
 filebeat_etc:
 filebeat_var: