From 393956be6a1b89dda6b937cb741750925adcb030 Mon Sep 17 00:00:00 2001 From: Jesus Garcia Date: Mon, 19 May 2025 12:37:09 -0500 Subject: [PATCH 01/15] Bump from 4.13.0 to 4.14.0 --- .env | 6 +++--- .github/.goss.yaml | 2 +- .../workflows/Procedure_push_docker_images.yml | 4 ++-- CHANGELOG.md | 18 ++++++++++++++++++ VERSION.json | 2 +- build-docker-images/README.md | 4 ++-- build-docker-images/build-images.sh | 4 ++-- .../wazuh-dashboard/config/config.sh | 4 ++-- .../wazuh-indexer/config/config.sh | 4 ++-- indexer-certs-creator/config/entrypoint.sh | 4 ++-- multi-node/docker-compose.yml | 12 ++++++------ single-node/docker-compose.yml | 6 +++--- 12 files changed, 44 insertions(+), 26 deletions(-) diff --git a/.env b/.env index 7af5f540..e2c2fa20 100755 --- a/.env +++ b/.env @@ -1,6 +1,6 @@ -WAZUH_VERSION=4.13.0 -WAZUH_IMAGE_VERSION=4.13.0 +WAZUH_VERSION=4.14.0 +WAZUH_IMAGE_VERSION=4.14.0 WAZUH_TAG_REVISION=1 -FILEBEAT_TEMPLATE_BRANCH=4.13.0 +FILEBEAT_TEMPLATE_BRANCH=4.14.0 WAZUH_FILEBEAT_MODULE=wazuh-filebeat-0.4.tar.gz WAZUH_UI_REVISION=1 diff --git a/.github/.goss.yaml b/.github/.goss.yaml index fcdc65e2..e80425a5 100644 --- a/.github/.goss.yaml +++ b/.github/.goss.yaml @@ -56,7 +56,7 @@ package: wazuh-manager: installed: true versions: - - 4.13.0 + - 4.14.0 port: tcp:1514: listening: true diff --git a/.github/workflows/Procedure_push_docker_images.yml b/.github/workflows/Procedure_push_docker_images.yml index eccff387..f0af08fa 100644 --- a/.github/workflows/Procedure_push_docker_images.yml +++ b/.github/workflows/Procedure_push_docker_images.yml @@ -6,7 +6,7 @@ on: inputs: image_tag: description: 'Docker image tag' - default: '4.13.0' + default: '4.14.0' required: true docker_reference: description: 'wazuh-docker reference' @@ -41,7 +41,7 @@ on: inputs: image_tag: description: 'Docker image tag' - default: '4.13.0' + default: '4.14.0' required: true type: string docker_reference: diff --git a/CHANGELOG.md b/CHANGELOG.md index 57053b88..806d33ac 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -1,6 +1,24 @@ # Change Log All notable changes to this project will be documented in this file. +## [4.14.0] + +### Added + +- None + +### Changed + +- None + +### Fixed + +- None + +### Deleted + +- None + ## [4.13.0] ### Added diff --git a/VERSION.json b/VERSION.json index dfee93c3..af2b5c0b 100644 --- a/VERSION.json +++ b/VERSION.json @@ -1,4 +1,4 @@ { - "version": "4.13.0", + "version": "4.14.0", "stage": "alpha0" } diff --git a/build-docker-images/README.md b/build-docker-images/README.md index a10e1e9b..7b7e3029 100644 --- a/build-docker-images/README.md +++ b/build-docker-images/README.md @@ -13,7 +13,7 @@ This script initializes the environment variables needed to build each of the im The script allows you to build images from other versions of Wazuh, to do this you must use the -v or --version argument: ``` -$ build-docker-images/build-images.sh -v 4.13.0 +$ build-docker-images/build-images.sh -v 4.14.0 ``` To get all the available script options use the -h or --help option: @@ -26,7 +26,7 @@ Usage: build-docker-images/build-images.sh [OPTIONS] -d, --dev [Optional] Set the development stage you want to build, example rc1 or beta1, not used by default. -f, --filebeat-module [Optional] Set Filebeat module version. By default 0.4. -r, --revision [Optional] Package revision. By default 1 - -v, --version [Optional] Set the Wazuh version should be builded. By default, 4.13.0. + -v, --version [Optional] Set the Wazuh version should be builded. By default, 4.14.0. -h, --help Show this help. ``` \ No newline at end of file diff --git a/build-docker-images/build-images.sh b/build-docker-images/build-images.sh index 7d2e9948..ac0457f8 100755 --- a/build-docker-images/build-images.sh +++ b/build-docker-images/build-images.sh @@ -1,4 +1,4 @@ -WAZUH_IMAGE_VERSION=4.13.0 +WAZUH_IMAGE_VERSION=4.14.0 WAZUH_VERSION=$(echo $WAZUH_IMAGE_VERSION | sed -e 's/\.//g') WAZUH_TAG_REVISION=1 WAZUH_CURRENT_VERSION=$(curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '["]tag_name["]:' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 2- | sed -e 's/\.//g') @@ -12,7 +12,7 @@ IMAGE_VERSION=${WAZUH_IMAGE_VERSION} # License (version 2) as published by the FSF - Free Software # Foundation. -WAZUH_IMAGE_VERSION="4.13.0" +WAZUH_IMAGE_VERSION="4.14.0" WAZUH_TAG_REVISION="1" WAZUH_DEV_STAGE="" FILEBEAT_MODULE_VERSION="0.4" diff --git a/build-docker-images/wazuh-dashboard/config/config.sh b/build-docker-images/wazuh-dashboard/config/config.sh index 92dc9c2e..6c787e4c 100644 --- a/build-docker-images/wazuh-dashboard/config/config.sh +++ b/build-docker-images/wazuh-dashboard/config/config.sh @@ -9,8 +9,8 @@ export CONFIG_DIR=${INSTALLATION_DIR}/config ## Variables CERT_TOOL=wazuh-certs-tool.sh -PACKAGES_URL=https://packages.wazuh.com/4.13/ -PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.13/ +PACKAGES_URL=https://packages.wazuh.com/4.14/ +PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.14/ ## Check if the cert tool exists in S3 buckets CERT_TOOL_PACKAGES=$(curl --silent -I $PACKAGES_URL$CERT_TOOL | grep -E "^HTTP" | awk '{print $2}') diff --git a/build-docker-images/wazuh-indexer/config/config.sh b/build-docker-images/wazuh-indexer/config/config.sh index 94d55d43..ebc86fd1 100644 --- a/build-docker-images/wazuh-indexer/config/config.sh +++ b/build-docker-images/wazuh-indexer/config/config.sh @@ -22,8 +22,8 @@ export REPO_DIR=/unattended_installer ## Variables CERT_TOOL=wazuh-certs-tool.sh PASSWORD_TOOL=wazuh-passwords-tool.sh -PACKAGES_URL=https://packages.wazuh.com/4.13/ -PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.13/ +PACKAGES_URL=https://packages.wazuh.com/4.14/ +PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.14/ ## Check if the cert tool exists in S3 buckets CERT_TOOL_PACKAGES=$(curl --silent -I $PACKAGES_URL$CERT_TOOL | grep -E "^HTTP" | awk '{print $2}') diff --git a/indexer-certs-creator/config/entrypoint.sh b/indexer-certs-creator/config/entrypoint.sh index f9529b89..51aedbcd 100644 --- a/indexer-certs-creator/config/entrypoint.sh +++ b/indexer-certs-creator/config/entrypoint.sh @@ -8,8 +8,8 @@ ## Variables CERT_TOOL=wazuh-certs-tool.sh PASSWORD_TOOL=wazuh-passwords-tool.sh -PACKAGES_URL=https://packages.wazuh.com/4.13/ -PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.13/ +PACKAGES_URL=https://packages.wazuh.com/4.14/ +PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.14/ ## Check if the cert tool exists in S3 buckets CERT_TOOL_PACKAGES=$(curl --silent -I $PACKAGES_URL$CERT_TOOL | grep -E "^HTTP" | awk '{print $2}') diff --git a/multi-node/docker-compose.yml b/multi-node/docker-compose.yml index bff74cfd..57614484 100644 --- a/multi-node/docker-compose.yml +++ b/multi-node/docker-compose.yml @@ -3,7 +3,7 @@ version: '3.7' services: wazuh.master: - image: wazuh/wazuh-manager:4.13.0 + image: wazuh/wazuh-manager:4.14.0 hostname: wazuh.master restart: always ulimits: @@ -45,7 +45,7 @@ services: - ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf wazuh.worker: - image: wazuh/wazuh-manager:4.13.0 + image: wazuh/wazuh-manager:4.14.0 hostname: wazuh.worker restart: always ulimits: @@ -81,7 +81,7 @@ services: - ./config/wazuh_cluster/wazuh_worker.conf:/wazuh-config-mount/etc/ossec.conf wazuh1.indexer: - image: wazuh/wazuh-indexer:4.13.0 + image: wazuh/wazuh-indexer:4.14.0 hostname: wazuh1.indexer restart: always ports: @@ -107,7 +107,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh2.indexer: - image: wazuh/wazuh-indexer:4.13.0 + image: wazuh/wazuh-indexer:4.14.0 hostname: wazuh2.indexer restart: always environment: @@ -129,7 +129,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh3.indexer: - image: wazuh/wazuh-indexer:4.13.0 + image: wazuh/wazuh-indexer:4.14.0 hostname: wazuh3.indexer restart: always environment: @@ -151,7 +151,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh.dashboard: - image: wazuh/wazuh-dashboard:4.13.0 + image: wazuh/wazuh-dashboard:4.14.0 hostname: wazuh.dashboard restart: always ports: diff --git a/single-node/docker-compose.yml b/single-node/docker-compose.yml index 18befd60..7b1ea0cb 100644 --- a/single-node/docker-compose.yml +++ b/single-node/docker-compose.yml @@ -3,7 +3,7 @@ version: '3.7' services: wazuh.manager: - image: wazuh/wazuh-manager:4.13.0 + image: wazuh/wazuh-manager:4.14.0 hostname: wazuh.manager restart: always ulimits: @@ -46,7 +46,7 @@ services: - ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf wazuh.indexer: - image: wazuh/wazuh-indexer:4.13.0 + image: wazuh/wazuh-indexer:4.14.0 hostname: wazuh.indexer restart: always ports: @@ -71,7 +71,7 @@ services: - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml wazuh.dashboard: - image: wazuh/wazuh-dashboard:4.13.0 + image: wazuh/wazuh-dashboard:4.14.0 hostname: wazuh.dashboard restart: always ports: From b3262414004a7efbd09a3c53d8c16611f9300344 Mon Sep 17 00:00:00 2001 From: fcaffieri Date: Thu, 29 May 2025 09:28:09 -0300 Subject: [PATCH 02/15] Remove 4.12.2 references from 4.14.0 branch --- CHANGELOG.md | 26 ++++---------------------- 1 file changed, 4 insertions(+), 22 deletions(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index d4bc685f..64358839 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -24,6 +24,10 @@ All notable changes to this project will be documented in this file. ### Added - Added repository_bumper script. ([#1781](https://github.com/wazuh/wazuh-docker/pull/1781)) +- Fix Warning message when migrating Docker compose v2 ([#1828](https://github.com/wazuh/wazuh-docker/pull/1828)) +- Add technical documentation ([#1822](https://github.com/wazuh/wazuh-docker/pull/1822)) +- Add wazuh agent test and push ([#1817](https://github.com/wazuh/wazuh-docker/pull/1817)) +- Add Wazuh agent image build and deploy ([#1816](https://github.com/wazuh/wazuh-docker/pull/1816)) ### Changed @@ -38,28 +42,6 @@ All notable changes to this project will be documented in this file. - Remove default docker reference version from workflow ([#1761](https://github.com/wazuh/wazuh-docker/pull/1761)) - Remove 'stable' branch ocurrencies ([#1757](https://github.com/wazuh/wazuh-docker/pull/1757)) -## [4.12.2] - -### Added - -- Fix Warning message when migrating Docker compose v2 ([#1828](https://github.com/wazuh/wazuh-docker/pull/1828)) -- Add technical documentation ([#1822](https://github.com/wazuh/wazuh-docker/pull/1822)) -- Add wazuh agent test and push ([#1817](https://github.com/wazuh/wazuh-docker/pull/1817)) -- Add Wazuh agent image build and deploy ([#1816](https://github.com/wazuh/wazuh-docker/pull/1816)) - -### Changed - -- None - -### Fixed - -- None - -### Deleted - -- None - - ## [4.12.1] ### Added From aa46ce20794b3a7865c8e46df75caadd6d357d2e Mon Sep 17 00:00:00 2001 From: vcerenu Date: Fri, 30 May 2025 10:05:47 -0300 Subject: [PATCH 03/15] Bump 4.14.0 technical documentation --- README.md | 2 +- docs/dev/build-image.md | 4 ++-- docs/dev/introduction.md | 2 +- docs/dev/setup.md | 6 +++--- docs/ref/Introduction/description.md | 6 +++--- docs/ref/Introduction/introduction.md | 4 ++-- docs/ref/configuration/configuration-files.md | 2 +- docs/ref/configuration/configuration.md | 2 +- docs/ref/getting-started/deployment/deployment.md | 6 +++--- docs/ref/getting-started/getting-started.md | 6 +++--- docs/ref/getting-started/requirements.md | 2 +- docs/ref/glossary.md | 6 +++--- wazuh-agent/docker-compose.yml | 2 +- 13 files changed, 25 insertions(+), 25 deletions(-) diff --git a/README.md b/README.md index 18e3a596..8440a4b3 100644 --- a/README.md +++ b/README.md @@ -18,7 +18,7 @@ The `wazuh/wazuh-docker` repository provides resources to deploy the Wazuh cyber ## Branch Convention - `main`: Developing and testing of new features. -- `X.Y.Z`: Version-specific branches (e.g., `4.12.2`, `4.11.0`, etc.). +- `X.Y.Z`: Version-specific branches (e.g., `4.14.0`, `4.13.0`, etc.). ## Documentation diff --git a/docs/dev/build-image.md b/docs/dev/build-image.md index 58a7c734..7b7e3029 100644 --- a/docs/dev/build-image.md +++ b/docs/dev/build-image.md @@ -13,7 +13,7 @@ This script initializes the environment variables needed to build each of the im The script allows you to build images from other versions of Wazuh, to do this you must use the -v or --version argument: ``` -$ build-docker-images/build-images.sh -v 4.12.2 +$ build-docker-images/build-images.sh -v 4.14.0 ``` To get all the available script options use the -h or --help option: @@ -26,7 +26,7 @@ Usage: build-docker-images/build-images.sh [OPTIONS] -d, --dev [Optional] Set the development stage you want to build, example rc1 or beta1, not used by default. -f, --filebeat-module [Optional] Set Filebeat module version. By default 0.4. -r, --revision [Optional] Package revision. By default 1 - -v, --version [Optional] Set the Wazuh version should be builded. By default, 4.12.2. + -v, --version [Optional] Set the Wazuh version should be builded. By default, 4.14.0. -h, --help Show this help. ``` \ No newline at end of file diff --git a/docs/dev/introduction.md b/docs/dev/introduction.md index 56e13df2..a03aefaf 100644 --- a/docs/dev/introduction.md +++ b/docs/dev/introduction.md @@ -1,6 +1,6 @@ # Development Guide - Introduction -Welcome to the Development Guide for Wazuh-docker version 4.12.2. This guide is intended for developers, contributors, and advanced users who wish to understand the development aspects of the Wazuh-Docker project, build custom Docker images, or contribute to its development. +Welcome to the Development Guide for Wazuh-docker version 4.14.0. This guide is intended for developers, contributors, and advanced users who wish to understand the development aspects of the Wazuh-Docker project, build custom Docker images, or contribute to its development. ## Purpose of This Guide diff --git a/docs/dev/setup.md b/docs/dev/setup.md index 3c9d37d5..2f611777 100644 --- a/docs/dev/setup.md +++ b/docs/dev/setup.md @@ -1,6 +1,6 @@ # Development Guide - Setup Environment -This section outlines the steps required to set up your local development environment for working with the Wazuh-Docker project (version 4.12.2). A proper setup is crucial for building images, running tests, and contributing effectively. +This section outlines the steps required to set up your local development environment for working with the Wazuh-Docker project (version 4.14.0). A proper setup is crucial for building images, running tests, and contributing effectively. ## Prerequisites @@ -26,12 +26,12 @@ Before you begin, ensure your system meets the following requirements: Follow these steps to prepare your development environment: 1. **Clone the Repository**: - Clone the `wazuh-docker` repository from GitHub. It's important to check out the specific branch you intend to work with, in this case, `4.12.2`. + Clone the `wazuh-docker` repository from GitHub. It's important to check out the specific branch you intend to work with, in this case, `4.14.0`. ```bash git clone [https://github.com/wazuh/wazuh-docker.git](https://github.com/wazuh/wazuh-docker.git) cd wazuh-docker - git checkout 4.12.2 + git checkout v4.14.0 ``` 2. **Verify Docker Installation**: diff --git a/docs/ref/Introduction/description.md b/docs/ref/Introduction/description.md index 917fbfe1..058317e7 100644 --- a/docs/ref/Introduction/description.md +++ b/docs/ref/Introduction/description.md @@ -1,6 +1,6 @@ # Reference Manual - Description -This section provides a detailed description of Wazuh-docker (version 4.12.2), its components, and its architecture when deployed using Docker containers. Understanding these aspects is key to effectively deploying and managing your Wazuh environment. +This section provides a detailed description of Wazuh-docker (version 4.14.0), its components, and its architecture when deployed using Docker containers. Understanding these aspects is key to effectively deploying and managing your Wazuh environment. ## What is Wazuh? @@ -18,7 +18,7 @@ Wazuh-docker is a project that provides Docker images and `docker compose` confi ## Core Components in Wazuh-Docker -The Wazuh-Docker project typically provides images for the following core Wazuh components, adapted for version 4.12.2: +The Wazuh-Docker project typically provides images for the following core Wazuh components, adapted for version 4.14.0: 1. **Wazuh Manager**: - The central component that collects and analyzes data from deployed Wazuh agents. @@ -28,7 +28,7 @@ The Wazuh-Docker project typically provides images for the following core Wazuh 2. **Wazuh Indexer**: - A highly scalable, full-text search and analytics engine. - Based on OpenSearch (or historically Elasticsearch), it stores and indexes alerts and monitoring data generated by the Wazuh manager. - - The Wazuh indexer container provides the data persistence layer for Wazuh alerts and events. For version 4.12.2, this is typically an OpenSearch-based component. + - The Wazuh indexer container provides the data persistence layer for Wazuh alerts and events. For version 4.14.0, this is typically an OpenSearch-based component. 3. **Wazuh Dashboard**: - A flexible visualization tool based on OpenSearch Dashboards (or historically Kibana). diff --git a/docs/ref/Introduction/introduction.md b/docs/ref/Introduction/introduction.md index 486322e4..957fd9bb 100644 --- a/docs/ref/Introduction/introduction.md +++ b/docs/ref/Introduction/introduction.md @@ -1,6 +1,6 @@ # Reference Manual - Introduction -Welcome to the Reference Manual for Wazuh-Docker, version 4.12.2. This manual provides comprehensive information about deploying, configuring, and managing your Wazuh environment using Docker. +Welcome to the Reference Manual for Wazuh-Docker, version 4.14.0. This manual provides comprehensive information about deploying, configuring, and managing your Wazuh environment using Docker. ## Purpose of This Manual @@ -44,4 +44,4 @@ This manual is structured to help you find information efficiently: - If you need to customize your deployment, refer to the [Configuration](configuration/configuration.md) section. - For specific terms or concepts, consult the [Glossary](glossary.md). -This manual refers to version 4.12.2 of Wazuh-Docker. Ensure you are using the documentation that corresponds to your deployed version. +This manual refers to version 4.14.0 of Wazuh-Docker. Ensure you are using the documentation that corresponds to your deployed version. diff --git a/docs/ref/configuration/configuration-files.md b/docs/ref/configuration/configuration-files.md index 4689286f..4f842bba 100644 --- a/docs/ref/configuration/configuration-files.md +++ b/docs/ref/configuration/configuration-files.md @@ -29,4 +29,4 @@ ``` -Consult the official Wazuh documentation for version 4.12.2 for detailed information on all possible configuration parameters for each component. \ No newline at end of file +Consult the official Wazuh documentation for version 4.14.0 for detailed information on all possible configuration parameters for each component. \ No newline at end of file diff --git a/docs/ref/configuration/configuration.md b/docs/ref/configuration/configuration.md index dba9730e..07b5d11c 100644 --- a/docs/ref/configuration/configuration.md +++ b/docs/ref/configuration/configuration.md @@ -1,6 +1,6 @@ # Reference Manual - Configuration -This section details how to configure your Wazuh-Docker deployment (version 4.12.2). Proper configuration is key to tailoring the Wazuh stack to your specific needs, managing data persistence, and integrating with your environment. +This section details how to configure your Wazuh-Docker deployment (version 4.14.0). Proper configuration is key to tailoring the Wazuh stack to your specific needs, managing data persistence, and integrating with your environment. ## Overview of Configuration Methods diff --git a/docs/ref/getting-started/deployment/deployment.md b/docs/ref/getting-started/deployment/deployment.md index c5d3e43f..b6d685ff 100644 --- a/docs/ref/getting-started/deployment/deployment.md +++ b/docs/ref/getting-started/deployment/deployment.md @@ -1,6 +1,6 @@ # Reference Manual - Deployment -This section provides detailed instructions for deploying Wazuh-Docker (version 4.12.2) in various configurations. Choose the deployment model that best suits your needs, from simple single-node setups for testing to more robust multi-node configurations for production environments. +This section provides detailed instructions for deploying Wazuh-Docker (version 4.14.0) in various configurations. Choose the deployment model that best suits your needs, from simple single-node setups for testing to more robust multi-node configurations for production environments. ## Overview of Deployment Options @@ -24,11 +24,11 @@ Ensure you have: - Met all the [System Requirements](ref/getting-started/requirements.md). - Installed Docker and Docker Compose on your host(s). -- Cloned the `wazuh-docker` repository (version `4.12.2`) or downloaded the necessary deployment files. +- Cloned the `wazuh-docker` repository (version `4.14.0`) or downloaded the necessary deployment files. ```bash git clone [https://github.com/wazuh/wazuh-docker.git](https://github.com/wazuh/wazuh-docker.git) cd wazuh-docker - git checkout v4.12.2 + git checkout v4.14.0 ``` - Made a backup of any existing Wazuh data if you are migrating or upgrading. diff --git a/docs/ref/getting-started/getting-started.md b/docs/ref/getting-started/getting-started.md index 4744e477..7e76bf9a 100644 --- a/docs/ref/getting-started/getting-started.md +++ b/docs/ref/getting-started/getting-started.md @@ -1,6 +1,6 @@ # Reference Manual - Getting Started -This section guides you through the initial steps to get your Wazuh-docker (version 4.12.2) environment up and running. We will cover the prerequisites and point you to the deployment instructions. +This section guides you through the initial steps to get your Wazuh-docker (version 4.14.0) environment up and running. We will cover the prerequisites and point you to the deployment instructions. ## Overview @@ -27,11 +27,11 @@ Before diving into the deployment, please ensure you have reviewed: Verify that your host system has sufficient RAM, CPU, and disk space. Ensure Docker and Docker Compose are installed and functioning correctly. 2. **Obtain Wazuh-docker Configuration**: - You'll need the Docker Compose files and any associated configuration files from the `wazuh-docker` repository for version 4.12.2. + You'll need the Docker Compose files and any associated configuration files from the `wazuh-docker` repository for version 4.14.0. ```bash git clone [https://github.com/wazuh/wazuh-docker.git](https://github.com/wazuh/wazuh-docker.git) cd wazuh-docker - git checkout v4.12.2 + git checkout v4.14.0 # Navigate to the specific docker-compose directory, e.g., single-node or multi-node # cd docker-compose/single-node/ (example path) ``` diff --git a/docs/ref/getting-started/requirements.md b/docs/ref/getting-started/requirements.md index 180a315f..b006acdc 100644 --- a/docs/ref/getting-started/requirements.md +++ b/docs/ref/getting-started/requirements.md @@ -1,6 +1,6 @@ # Reference Manual - Requirements -Before deploying Wazuh-Docker (version 4.12.2), it's essential to ensure your environment meets the necessary hardware and software requirements. Meeting these prerequisites will help ensure a stable and performant Wazuh deployment. +Before deploying Wazuh-Docker (version 4.14.0), it's essential to ensure your environment meets the necessary hardware and software requirements. Meeting these prerequisites will help ensure a stable and performant Wazuh deployment. ## Host System Requirements diff --git a/docs/ref/glossary.md b/docs/ref/glossary.md index fb3e6445..fb8d3ed6 100644 --- a/docs/ref/glossary.md +++ b/docs/ref/glossary.md @@ -1,6 +1,6 @@ # Reference Manual - Glossary -This glossary defines key terms and concepts related to Wazuh, Docker, and their use together in the Wazuh-Docker project (version 4.12.2). +This glossary defines key terms and concepts related to Wazuh, Docker, and their use together in the Wazuh-Docker project (version 4.14.0). --- @@ -22,7 +22,7 @@ This glossary defines key terms and concepts related to Wazuh, Docker, and their **D** -- **Dashboard (Wazuh Dashboard / OpenSearch Dashboards / Kibana)**: A web-based visualization tool used to explore, analyze, and visualize data stored in the Wazuh Indexer. It provides dashboards, visualizations, and a query interface for security events and alerts. For Wazuh 4.12.2, this is typically OpenSearch Dashboards. +- **Dashboard (Wazuh Dashboard / OpenSearch Dashboards / Kibana)**: A web-based visualization tool used to explore, analyze, and visualize data stored in the Wazuh Indexer. It provides dashboards, visualizations, and a query interface for security events and alerts. For Wazuh 4.14.0, this is typically OpenSearch Dashboards. - **Decoder**: A component in the Wazuh Manager that parses and extracts relevant information (fields) from raw log messages or event data. - **Docker**: An open platform for developing, shipping, and running applications inside containers. - **Docker Compose**: A tool for defining and running multi-container Docker applications. It uses a YAML file (`docker-compose.yml`) to configure the application's services, networks, and volumes. @@ -42,7 +42,7 @@ This glossary defines key terms and concepts related to Wazuh, Docker, and their **I** -- **Indexer (Wazuh Indexer / OpenSearch / Elasticsearch)**: The component responsible for storing, indexing, and making searchable the alerts and event data generated by the Wazuh Manager. For Wazuh 4.12.2, this is typically OpenSearch. +- **Indexer (Wazuh Indexer / OpenSearch / Elasticsearch)**: The component responsible for storing, indexing, and making searchable the alerts and event data generated by the Wazuh Manager. For Wazuh 4.14.0, this is typically OpenSearch. **L** diff --git a/wazuh-agent/docker-compose.yml b/wazuh-agent/docker-compose.yml index 3912908f..46243742 100644 --- a/wazuh-agent/docker-compose.yml +++ b/wazuh-agent/docker-compose.yml @@ -3,7 +3,7 @@ version: '3.7' services: wazuh.agent: - image: wazuh/wazuh-agent:4.12.1 + image: wazuh/wazuh-agent:4.14.0 restart: always environment: - WAZUH_MANAGER_SERVER= From d5e4917414be808cc1d637e1535fc67395bfa4c4 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Carlos=20Anguita=20L=C3=B3pez?= Date: Tue, 10 Jun 2025 16:46:57 +0200 Subject: [PATCH 04/15] change the output when checking if the cert tool exists --- indexer-certs-creator/config/entrypoint.sh | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/indexer-certs-creator/config/entrypoint.sh b/indexer-certs-creator/config/entrypoint.sh index 51aedbcd..fa098c50 100644 --- a/indexer-certs-creator/config/entrypoint.sh +++ b/indexer-certs-creator/config/entrypoint.sh @@ -12,8 +12,8 @@ PACKAGES_URL=https://packages.wazuh.com/4.14/ PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.14/ ## Check if the cert tool exists in S3 buckets -CERT_TOOL_PACKAGES=$(curl --silent -I $PACKAGES_URL$CERT_TOOL | grep -E "^HTTP" | awk '{print $2}') -CERT_TOOL_PACKAGES_DEV=$(curl --silent -I $PACKAGES_DEV_URL$CERT_TOOL | grep -E "^HTTP" | awk '{print $2}') +CERT_TOOL_PACKAGES=$(curl --silent --head --location --output /dev/null --write-out "%{http_code}" "$PACKAGES_URL$CERT_TOOL") +CERT_TOOL_PACKAGES_DEV=$(curl --silent --head --location --output /dev/null --write-out "%{http_code}" "$PACKAGES_DEV_URL$CERT_TOOL") ## If cert tool exists in some bucket, download it, if not exit 1 if [ "$CERT_TOOL_PACKAGES" = "200" ]; then From c6369f9463c8174a1c1908dbb83398f1c4378eeb Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Carlos=20Anguita=20L=C3=B3pez?= Date: Wed, 11 Jun 2025 12:31:24 +0200 Subject: [PATCH 05/15] update changelog --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index ef2839e5..2c1980e9 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -9,7 +9,7 @@ All notable changes to this project will be documented in this file. ### Changed -- None +- Change validation of existing certs tool in S3 buckets ([#1880](https://github.com/wazuh/wazuh-docker/pull/1880)) ### Fixed From bca60dd0b699cbe855ce5b0d6c4a6412877c5bde Mon Sep 17 00:00:00 2001 From: Enrique Araque Date: Fri, 20 Jun 2025 11:43:37 +0200 Subject: [PATCH 06/15] add filebeat config file in the exclusion path --- build-docker-images/wazuh-manager/config/permanent_data.env | 1 + 1 file changed, 1 insertion(+) diff --git a/build-docker-images/wazuh-manager/config/permanent_data.env b/build-docker-images/wazuh-manager/config/permanent_data.env index 33f1b92c..d18899ab 100644 --- a/build-docker-images/wazuh-manager/config/permanent_data.env +++ b/build-docker-images/wazuh-manager/config/permanent_data.env @@ -100,6 +100,7 @@ PERMANENT_DATA_EXCP[((i++))]="/var/ossec/wodles/gcloud/pubsub/subscriber.py" PERMANENT_DATA_EXCP[((i++))]="/var/ossec/etc/lists/malicious-ioc/malicious-ip" PERMANENT_DATA_EXCP[((i++))]="/var/ossec/etc/lists/malicious-ioc/malicious-domains" PERMANENT_DATA_EXCP[((i++))]="/var/ossec/etc/lists/malicious-ioc/malware-hashes" +PERMANENT_DATA_EXCP[((i++))]="/etc/filebeat/filebeat.yml" export PERMANENT_DATA_EXCP # Files mounted in a volume that should be deleted From a5d961040aed6e52a9bc6684de28b40268f3bd33 Mon Sep 17 00:00:00 2001 From: Enrique Araque Date: Fri, 20 Jun 2025 13:18:05 +0200 Subject: [PATCH 07/15] Update changelog --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 0bbf0e09..f25a77c7 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -9,6 +9,7 @@ All notable changes to this project will be documented in this file. ### Changed +- Add filebeat config file in the PERMANENT_DATA_EXCP list ([#1898](https://github.com/wazuh/wazuh-docker/pull/1898)) - Change validation of existing certs tool in S3 buckets ([#1880](https://github.com/wazuh/wazuh-docker/pull/1880)) ### Fixed From 60e43e27375ec637d7269c9f4002846e418f7ed1 Mon Sep 17 00:00:00 2001 From: fcaffieri Date: Tue, 8 Jul 2025 16:25:53 -0300 Subject: [PATCH 08/15] Update Dockerfile --- build-docker-images/wazuh-indexer/Dockerfile | 1 + 1 file changed, 1 insertion(+) diff --git a/build-docker-images/wazuh-indexer/Dockerfile b/build-docker-images/wazuh-indexer/Dockerfile index 9c7fd189..de99bbba 100644 --- a/build-docker-images/wazuh-indexer/Dockerfile +++ b/build-docker-images/wazuh-indexer/Dockerfile @@ -68,6 +68,7 @@ RUN chown 1000:1000 /*.sh COPY --from=builder --chown=1000:1000 /usr/share/wazuh-indexer /usr/share/wazuh-indexer COPY --from=builder --chown=1000:1000 /etc/wazuh-indexer /usr/share/wazuh-indexer +COPY --from=builder --chown=1000:1000 /debian/wazuh-indexer/usr/share/wazuh-indexer /usr/share/wazuh-indexer COPY --from=builder --chown=0:0 /debian/wazuh-indexer/usr/lib/systemd /usr/lib/systemd COPY --from=builder --chown=0:0 /debian/wazuh-indexer/usr/lib/sysctl.d /usr/lib/sysctl.d COPY --from=builder --chown=0:0 /debian/wazuh-indexer/usr/lib/tmpfiles.d /usr/lib/tmpfiles.d From 9cc135d05bcb9ecb72bab3c599f8c6aa9bf75366 Mon Sep 17 00:00:00 2001 From: fcaffieri Date: Tue, 8 Jul 2025 17:30:26 -0300 Subject: [PATCH 09/15] Update CHANGELOG --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index f25a77c7..80364554 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -14,7 +14,7 @@ All notable changes to this project will be documented in this file. ### Fixed -- None +- Update Dockerfile to copy opensearch-security files ([#1928](https://github.com/wazuh/wazuh-docker/pull/1928)) ### Deleted From 85709013bc98f6891c6ae5996a813624d7afe663 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Fri, 1 Aug 2025 12:44:43 -0300 Subject: [PATCH 10/15] Fix config directory for opensearch_security plugin work --- build-docker-images/wazuh-indexer/Dockerfile | 7 ++++--- build-docker-images/wazuh-indexer/config/config.sh | 2 +- .../wazuh-indexer/config/entrypoint.sh | 2 +- .../wazuh-indexer/config/opensearch.yml | 13 +++++++------ multi-node/config/wazuh_indexer/wazuh1.indexer.yml | 12 ++++++------ multi-node/config/wazuh_indexer/wazuh2.indexer.yml | 12 ++++++------ multi-node/config/wazuh_indexer/wazuh3.indexer.yml | 12 ++++++------ single-node/config/wazuh_indexer/wazuh.indexer.yml | 13 +++++++------ single-node/docker-compose.yml | 14 +++++++------- 9 files changed, 45 insertions(+), 42 deletions(-) diff --git a/build-docker-images/wazuh-indexer/Dockerfile b/build-docker-images/wazuh-indexer/Dockerfile index de99bbba..c84276b0 100644 --- a/build-docker-images/wazuh-indexer/Dockerfile +++ b/build-docker-images/wazuh-indexer/Dockerfile @@ -67,7 +67,7 @@ RUN chmod 700 /entrypoint.sh && chmod 700 /securityadmin.sh RUN chown 1000:1000 /*.sh COPY --from=builder --chown=1000:1000 /usr/share/wazuh-indexer /usr/share/wazuh-indexer -COPY --from=builder --chown=1000:1000 /etc/wazuh-indexer /usr/share/wazuh-indexer +COPY --from=builder --chown=1000:1000 /etc/wazuh-indexer /usr/share/wazuh-indexer/config COPY --from=builder --chown=1000:1000 /debian/wazuh-indexer/usr/share/wazuh-indexer /usr/share/wazuh-indexer COPY --from=builder --chown=0:0 /debian/wazuh-indexer/usr/lib/systemd /usr/lib/systemd COPY --from=builder --chown=0:0 /debian/wazuh-indexer/usr/lib/sysctl.d /usr/lib/sysctl.d @@ -80,8 +80,9 @@ RUN mkdir -p /var/lib/wazuh-indexer && chown 1000:1000 /var/lib/wazuh-indexer && mkdir -p /run/wazuh-indexer && chown 1000:1000 /run/wazuh-indexer && \ mkdir -p /var/log/wazuh-indexer && chown 1000:1000 /var/log/wazuh-indexer && \ chmod 700 /usr/share/wazuh-indexer && \ - chmod 600 /usr/share/wazuh-indexer/jvm.options && \ - chmod 600 /usr/share/wazuh-indexer/opensearch.yml + chmod 700 /usr/share/wazuh-indexer/config && \ + chmod 600 /usr/share/wazuh-indexer/config/jvm.options && \ + chmod 600 /usr/share/wazuh-indexer/config/opensearch.yml USER wazuh-indexer diff --git a/build-docker-images/wazuh-indexer/config/config.sh b/build-docker-images/wazuh-indexer/config/config.sh index ebc86fd1..1761b016 100644 --- a/build-docker-images/wazuh-indexer/config/config.sh +++ b/build-docker-images/wazuh-indexer/config/config.sh @@ -13,7 +13,7 @@ export LOG_DIR=/var/log/${NAME} export LIB_DIR=/var/lib/${NAME} export PID_DIR=/run/${NAME} export INSTALLATION_DIR=/usr/share/${NAME} -export CONFIG_DIR=${INSTALLATION_DIR} +export CONFIG_DIR=${INSTALLATION_DIR}/config export BASE_DIR=${NAME}-* export INDEXER_FILE=wazuh-indexer-base.tar.xz export BASE_FILE=wazuh-indexer-base-${VERSION}-linux-x64.tar.xz diff --git a/build-docker-images/wazuh-indexer/config/entrypoint.sh b/build-docker-images/wazuh-indexer/config/entrypoint.sh index 2acb4aa0..caddb80e 100644 --- a/build-docker-images/wazuh-indexer/config/entrypoint.sh +++ b/build-docker-images/wazuh-indexer/config/entrypoint.sh @@ -6,7 +6,7 @@ umask 0002 export USER=wazuh-indexer export INSTALLATION_DIR=/usr/share/wazuh-indexer -export OPENSEARCH_PATH_CONF=${INSTALLATION_DIR} +export OPENSEARCH_PATH_CONF=${INSTALLATION_DIR}/config export JAVA_HOME=${INSTALLATION_DIR}/jdk export DISCOVERY=$(grep -oP "(?<=discovery.type: ).*" ${OPENSEARCH_PATH_CONF}/opensearch.yml) export CACERT=$(grep -oP "(?<=plugins.security.ssl.transport.pemtrustedcas_filepath: ).*" ${OPENSEARCH_PATH_CONF}/opensearch.yml) diff --git a/build-docker-images/wazuh-indexer/config/opensearch.yml b/build-docker-images/wazuh-indexer/config/opensearch.yml index 1f0a78b3..4e0cad86 100644 --- a/build-docker-images/wazuh-indexer/config/opensearch.yml +++ b/build-docker-images/wazuh-indexer/config/opensearch.yml @@ -1,15 +1,16 @@ network.host: "0.0.0.0" node.name: "wazuh.indexer" +cluster.name: "wazuh-cluster" path.data: /var/lib/wazuh-indexer path.logs: /var/log/wazuh-indexer discovery.type: single-node compatibility.override_main_response_version: true -plugins.security.ssl.http.pemcert_filepath: /usr/share/wazuh-indexer/certs/indexer.pem -plugins.security.ssl.http.pemkey_filepath: /usr/share/wazuh-indexer/certs/indexer-key.pem -plugins.security.ssl.http.pemtrustedcas_filepath: /usr/share/wazuh-indexer/certs/root-ca.pem -plugins.security.ssl.transport.pemcert_filepath: /usr/share/wazuh-indexer/certs/indexer.pem -plugins.security.ssl.transport.pemkey_filepath: /usr/share/wazuh-indexer/certs/indexer-key.pem -plugins.security.ssl.transport.pemtrustedcas_filepath: /usr/share/wazuh-indexer/certs/root-ca.pem +plugins.security.ssl.http.pemcert_filepath: /usr/share/wazuh-indexer/config/certs/indexer.pem +plugins.security.ssl.http.pemkey_filepath: /usr/share/wazuh-indexer/config/certs/indexer-key.pem +plugins.security.ssl.http.pemtrustedcas_filepath: /usr/share/wazuh-indexer/config/certs/root-ca.pem +plugins.security.ssl.transport.pemcert_filepath: /usr/share/wazuh-indexer/config/certs/indexer.pem +plugins.security.ssl.transport.pemkey_filepath: /usr/share/wazuh-indexer/config/certs/indexer-key.pem +plugins.security.ssl.transport.pemtrustedcas_filepath: /usr/share/wazuh-indexer/config/certs/root-ca.pem plugins.security.ssl.http.enabled: true plugins.security.ssl.transport.enforce_hostname_verification: false plugins.security.ssl.transport.resolve_hostname: false diff --git a/multi-node/config/wazuh_indexer/wazuh1.indexer.yml b/multi-node/config/wazuh_indexer/wazuh1.indexer.yml index 59cbe9bf..7dfd5746 100644 --- a/multi-node/config/wazuh_indexer/wazuh1.indexer.yml +++ b/multi-node/config/wazuh_indexer/wazuh1.indexer.yml @@ -12,12 +12,12 @@ discovery.seed_hosts: node.max_local_storage_nodes: "3" path.data: /var/lib/wazuh-indexer path.logs: /var/log/wazuh-indexer -plugins.security.ssl.http.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/certs/wazuh1.indexer.pem -plugins.security.ssl.http.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/certs/wazuh1.indexer.key -plugins.security.ssl.http.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/certs/root-ca.pem -plugins.security.ssl.transport.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/certs/wazuh1.indexer.pem -plugins.security.ssl.transport.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/certs/wazuh1.indexer.key -plugins.security.ssl.transport.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/certs/root-ca.pem +plugins.security.ssl.http.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/config/certs/wazuh1.indexer.pem +plugins.security.ssl.http.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/config/certs/wazuh1.indexer.key +plugins.security.ssl.http.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/config/certs/root-ca.pem +plugins.security.ssl.transport.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/config/certs/wazuh1.indexer.pem +plugins.security.ssl.transport.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/config/certs/wazuh1.indexer.key +plugins.security.ssl.transport.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/config/certs/root-ca.pem plugins.security.ssl.http.enabled: true plugins.security.ssl.transport.enforce_hostname_verification: false plugins.security.ssl.transport.resolve_hostname: false diff --git a/multi-node/config/wazuh_indexer/wazuh2.indexer.yml b/multi-node/config/wazuh_indexer/wazuh2.indexer.yml index 478ed1d0..cd14e728 100644 --- a/multi-node/config/wazuh_indexer/wazuh2.indexer.yml +++ b/multi-node/config/wazuh_indexer/wazuh2.indexer.yml @@ -12,12 +12,12 @@ discovery.seed_hosts: node.max_local_storage_nodes: "3" path.data: /var/lib/wazuh-indexer path.logs: /var/log/wazuh-indexer -plugins.security.ssl.http.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/certs/wazuh2.indexer.pem -plugins.security.ssl.http.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/certs/wazuh2.indexer.key -plugins.security.ssl.http.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/certs/root-ca.pem -plugins.security.ssl.transport.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/certs/wazuh2.indexer.pem -plugins.security.ssl.transport.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/certs/wazuh2.indexer.key -plugins.security.ssl.transport.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/certs/root-ca.pem +plugins.security.ssl.http.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/config/certs/wazuh2.indexer.pem +plugins.security.ssl.http.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/config/certs/wazuh2.indexer.key +plugins.security.ssl.http.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/config/certs/root-ca.pem +plugins.security.ssl.transport.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/config/certs/wazuh2.indexer.pem +plugins.security.ssl.transport.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/config/certs/wazuh2.indexer.key +plugins.security.ssl.transport.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/config/certs/root-ca.pem plugins.security.ssl.http.enabled: true plugins.security.ssl.transport.enforce_hostname_verification: false plugins.security.ssl.transport.resolve_hostname: false diff --git a/multi-node/config/wazuh_indexer/wazuh3.indexer.yml b/multi-node/config/wazuh_indexer/wazuh3.indexer.yml index 8caa513d..94761d1a 100644 --- a/multi-node/config/wazuh_indexer/wazuh3.indexer.yml +++ b/multi-node/config/wazuh_indexer/wazuh3.indexer.yml @@ -12,12 +12,12 @@ discovery.seed_hosts: node.max_local_storage_nodes: "3" path.data: /var/lib/wazuh-indexer path.logs: /var/log/wazuh-indexer -plugins.security.ssl.http.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/certs/wazuh3.indexer.pem -plugins.security.ssl.http.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/certs/wazuh3.indexer.key -plugins.security.ssl.http.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/certs/root-ca.pem -plugins.security.ssl.transport.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/certs/wazuh3.indexer.pem -plugins.security.ssl.transport.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/certs/wazuh3.indexer.key -plugins.security.ssl.transport.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/certs/root-ca.pem +plugins.security.ssl.http.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/config/certs/wazuh3.indexer.pem +plugins.security.ssl.http.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/config/certs/wazuh3.indexer.key +plugins.security.ssl.http.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/config/certs/root-ca.pem +plugins.security.ssl.transport.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/config/certs/wazuh3.indexer.pem +plugins.security.ssl.transport.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/config/certs/wazuh3.indexer.key +plugins.security.ssl.transport.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/config/certs/root-ca.pem plugins.security.ssl.http.enabled: true plugins.security.ssl.transport.enforce_hostname_verification: false plugins.security.ssl.transport.resolve_hostname: false diff --git a/single-node/config/wazuh_indexer/wazuh.indexer.yml b/single-node/config/wazuh_indexer/wazuh.indexer.yml index 84c3dbf9..44c0602a 100644 --- a/single-node/config/wazuh_indexer/wazuh.indexer.yml +++ b/single-node/config/wazuh_indexer/wazuh.indexer.yml @@ -1,17 +1,18 @@ network.host: "0.0.0.0" node.name: "wazuh.indexer" +cluster.name: "wazuh-cluster" path.data: /var/lib/wazuh-indexer path.logs: /var/log/wazuh-indexer discovery.type: single-node http.port: 9200-9299 transport.tcp.port: 9300-9399 compatibility.override_main_response_version: true -plugins.security.ssl.http.pemcert_filepath: /usr/share/wazuh-indexer/certs/wazuh.indexer.pem -plugins.security.ssl.http.pemkey_filepath: /usr/share/wazuh-indexer/certs/wazuh.indexer.key -plugins.security.ssl.http.pemtrustedcas_filepath: /usr/share/wazuh-indexer/certs/root-ca.pem -plugins.security.ssl.transport.pemcert_filepath: /usr/share/wazuh-indexer/certs/wazuh.indexer.pem -plugins.security.ssl.transport.pemkey_filepath: /usr/share/wazuh-indexer/certs/wazuh.indexer.key -plugins.security.ssl.transport.pemtrustedcas_filepath: /usr/share/wazuh-indexer/certs/root-ca.pem +plugins.security.ssl.http.pemcert_filepath: /usr/share/wazuh-indexer/config/certs/wazuh.indexer.pem +plugins.security.ssl.http.pemkey_filepath: /usr/share/wazuh-indexer/config/certs/wazuh.indexer.key +plugins.security.ssl.http.pemtrustedcas_filepath: /usr/share/wazuh-indexer/config/certs/root-ca.pem +plugins.security.ssl.transport.pemcert_filepath: /usr/share/wazuh-indexer/config/certs/wazuh.indexer.pem +plugins.security.ssl.transport.pemkey_filepath: /usr/share/wazuh-indexer/config/certs/wazuh.indexer.key +plugins.security.ssl.transport.pemtrustedcas_filepath: /usr/share/wazuh-indexer/config/certs/root-ca.pem plugins.security.ssl.http.enabled: true plugins.security.ssl.transport.enforce_hostname_verification: false plugins.security.ssl.transport.resolve_hostname: false diff --git a/single-node/docker-compose.yml b/single-node/docker-compose.yml index d5a73e7c..19d81f39 100644 --- a/single-node/docker-compose.yml +++ b/single-node/docker-compose.yml @@ -60,13 +60,13 @@ services: hard: 65536 volumes: - wazuh-indexer-data:/var/lib/wazuh-indexer - - ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/certs/root-ca.pem - - ./config/wazuh_indexer_ssl_certs/wazuh.indexer-key.pem:/usr/share/wazuh-indexer/certs/wazuh.indexer.key - - ./config/wazuh_indexer_ssl_certs/wazuh.indexer.pem:/usr/share/wazuh-indexer/certs/wazuh.indexer.pem - - ./config/wazuh_indexer_ssl_certs/admin.pem:/usr/share/wazuh-indexer/certs/admin.pem - - ./config/wazuh_indexer_ssl_certs/admin-key.pem:/usr/share/wazuh-indexer/certs/admin-key.pem - - ./config/wazuh_indexer/wazuh.indexer.yml:/usr/share/wazuh-indexer/opensearch.yml - - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml + - ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/config/certs/root-ca.pem + - ./config/wazuh_indexer_ssl_certs/wazuh.indexer-key.pem:/usr/share/wazuh-indexer/config/certs/wazuh.indexer.key + - ./config/wazuh_indexer_ssl_certs/wazuh.indexer.pem:/usr/share/wazuh-indexer/config/certs/wazuh.indexer.pem + - ./config/wazuh_indexer_ssl_certs/admin.pem:/usr/share/wazuh-indexer/config/certs/admin.pem + - ./config/wazuh_indexer_ssl_certs/admin-key.pem:/usr/share/wazuh-indexer/config/certs/admin-key.pem + - ./config/wazuh_indexer/wazuh.indexer.yml:/usr/share/wazuh-indexer/config/opensearch.yml + - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/config/opensearch-security/internal_users.yml wazuh.dashboard: image: wazuh/wazuh-dashboard:4.14.0 From f53f1930aa809e514dddca1b10fa73c8dfc8bf27 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Fri, 1 Aug 2025 13:11:48 -0300 Subject: [PATCH 11/15] Add changelog --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index 54c67707..b2745e0e 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -14,6 +14,7 @@ All notable changes to this project will be documented in this file. ### Fixed +- Fix config directory for opensearch_security plugin work ([#1951](https://github.com/wazuh/wazuh-docker/pull/1951)) - Update Dockerfile to copy opensearch-security files ([#1928](https://github.com/wazuh/wazuh-docker/pull/1928)) ### Deleted From 81208b9abe41139c07099a2c119d0d392f5b10cb Mon Sep 17 00:00:00 2001 From: vcerenu Date: Fri, 1 Aug 2025 14:05:37 -0300 Subject: [PATCH 12/15] rollback certs path --- multi-node/config/wazuh_indexer/wazuh1.indexer.yml | 12 ++++++------ multi-node/config/wazuh_indexer/wazuh2.indexer.yml | 12 ++++++------ multi-node/config/wazuh_indexer/wazuh3.indexer.yml | 12 ++++++------ 3 files changed, 18 insertions(+), 18 deletions(-) diff --git a/multi-node/config/wazuh_indexer/wazuh1.indexer.yml b/multi-node/config/wazuh_indexer/wazuh1.indexer.yml index 7dfd5746..59cbe9bf 100644 --- a/multi-node/config/wazuh_indexer/wazuh1.indexer.yml +++ b/multi-node/config/wazuh_indexer/wazuh1.indexer.yml @@ -12,12 +12,12 @@ discovery.seed_hosts: node.max_local_storage_nodes: "3" path.data: /var/lib/wazuh-indexer path.logs: /var/log/wazuh-indexer -plugins.security.ssl.http.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/config/certs/wazuh1.indexer.pem -plugins.security.ssl.http.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/config/certs/wazuh1.indexer.key -plugins.security.ssl.http.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/config/certs/root-ca.pem -plugins.security.ssl.transport.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/config/certs/wazuh1.indexer.pem -plugins.security.ssl.transport.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/config/certs/wazuh1.indexer.key -plugins.security.ssl.transport.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/config/certs/root-ca.pem +plugins.security.ssl.http.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/certs/wazuh1.indexer.pem +plugins.security.ssl.http.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/certs/wazuh1.indexer.key +plugins.security.ssl.http.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/certs/root-ca.pem +plugins.security.ssl.transport.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/certs/wazuh1.indexer.pem +plugins.security.ssl.transport.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/certs/wazuh1.indexer.key +plugins.security.ssl.transport.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/certs/root-ca.pem plugins.security.ssl.http.enabled: true plugins.security.ssl.transport.enforce_hostname_verification: false plugins.security.ssl.transport.resolve_hostname: false diff --git a/multi-node/config/wazuh_indexer/wazuh2.indexer.yml b/multi-node/config/wazuh_indexer/wazuh2.indexer.yml index cd14e728..478ed1d0 100644 --- a/multi-node/config/wazuh_indexer/wazuh2.indexer.yml +++ b/multi-node/config/wazuh_indexer/wazuh2.indexer.yml @@ -12,12 +12,12 @@ discovery.seed_hosts: node.max_local_storage_nodes: "3" path.data: /var/lib/wazuh-indexer path.logs: /var/log/wazuh-indexer -plugins.security.ssl.http.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/config/certs/wazuh2.indexer.pem -plugins.security.ssl.http.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/config/certs/wazuh2.indexer.key -plugins.security.ssl.http.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/config/certs/root-ca.pem -plugins.security.ssl.transport.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/config/certs/wazuh2.indexer.pem -plugins.security.ssl.transport.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/config/certs/wazuh2.indexer.key -plugins.security.ssl.transport.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/config/certs/root-ca.pem +plugins.security.ssl.http.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/certs/wazuh2.indexer.pem +plugins.security.ssl.http.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/certs/wazuh2.indexer.key +plugins.security.ssl.http.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/certs/root-ca.pem +plugins.security.ssl.transport.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/certs/wazuh2.indexer.pem +plugins.security.ssl.transport.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/certs/wazuh2.indexer.key +plugins.security.ssl.transport.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/certs/root-ca.pem plugins.security.ssl.http.enabled: true plugins.security.ssl.transport.enforce_hostname_verification: false plugins.security.ssl.transport.resolve_hostname: false diff --git a/multi-node/config/wazuh_indexer/wazuh3.indexer.yml b/multi-node/config/wazuh_indexer/wazuh3.indexer.yml index 94761d1a..8caa513d 100644 --- a/multi-node/config/wazuh_indexer/wazuh3.indexer.yml +++ b/multi-node/config/wazuh_indexer/wazuh3.indexer.yml @@ -12,12 +12,12 @@ discovery.seed_hosts: node.max_local_storage_nodes: "3" path.data: /var/lib/wazuh-indexer path.logs: /var/log/wazuh-indexer -plugins.security.ssl.http.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/config/certs/wazuh3.indexer.pem -plugins.security.ssl.http.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/config/certs/wazuh3.indexer.key -plugins.security.ssl.http.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/config/certs/root-ca.pem -plugins.security.ssl.transport.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/config/certs/wazuh3.indexer.pem -plugins.security.ssl.transport.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/config/certs/wazuh3.indexer.key -plugins.security.ssl.transport.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/config/certs/root-ca.pem +plugins.security.ssl.http.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/certs/wazuh3.indexer.pem +plugins.security.ssl.http.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/certs/wazuh3.indexer.key +plugins.security.ssl.http.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/certs/root-ca.pem +plugins.security.ssl.transport.pemcert_filepath: ${OPENSEARCH_PATH_CONF}/certs/wazuh3.indexer.pem +plugins.security.ssl.transport.pemkey_filepath: ${OPENSEARCH_PATH_CONF}/certs/wazuh3.indexer.key +plugins.security.ssl.transport.pemtrustedcas_filepath: ${OPENSEARCH_PATH_CONF}/certs/root-ca.pem plugins.security.ssl.http.enabled: true plugins.security.ssl.transport.enforce_hostname_verification: false plugins.security.ssl.transport.resolve_hostname: false From 3243306b07b3597b24f3758a7746d6a2666646d8 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Mon, 4 Aug 2025 13:18:59 -0300 Subject: [PATCH 13/15] Add docker-compose multi node config --- multi-node/docker-compose.yml | 34 +++++++++++++++++----------------- 1 file changed, 17 insertions(+), 17 deletions(-) diff --git a/multi-node/docker-compose.yml b/multi-node/docker-compose.yml index e3830c25..fca7ab2a 100644 --- a/multi-node/docker-compose.yml +++ b/multi-node/docker-compose.yml @@ -96,13 +96,13 @@ services: hard: 65536 volumes: - wazuh-indexer-data-1:/var/lib/wazuh-indexer - - ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/certs/root-ca.pem - - ./config/wazuh_indexer_ssl_certs/wazuh1.indexer-key.pem:/usr/share/wazuh-indexer/certs/wazuh1.indexer.key - - ./config/wazuh_indexer_ssl_certs/wazuh1.indexer.pem:/usr/share/wazuh-indexer/certs/wazuh1.indexer.pem - - ./config/wazuh_indexer_ssl_certs/admin.pem:/usr/share/wazuh-indexer/certs/admin.pem - - ./config/wazuh_indexer_ssl_certs/admin-key.pem:/usr/share/wazuh-indexer/certs/admin-key.pem - - ./config/wazuh_indexer/wazuh1.indexer.yml:/usr/share/wazuh-indexer/opensearch.yml - - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml + - ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/config/certs/root-ca.pem + - ./config/wazuh_indexer_ssl_certs/wazuh1.indexer-key.pem:/usr/share/wazuh-indexer/config/certs/wazuh1.indexer.key + - ./config/wazuh_indexer_ssl_certs/wazuh1.indexer.pem:/usr/share/wazuh-indexer/config/certs/wazuh1.indexer.pem + - ./config/wazuh_indexer_ssl_certs/admin.pem:/usr/share/wazuh-indexer/config/certs/admin.pem + - ./config/wazuh_indexer_ssl_certs/admin-key.pem:/usr/share/wazuh-indexer/config/certs/admin-key.pem + - ./config/wazuh_indexer/wazuh1.indexer.yml:/usr/share/wazuh-indexer/config/opensearch.yml + - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/config/opensearch-security/internal_users.yml wazuh2.indexer: image: wazuh/wazuh-indexer:4.14.0 @@ -120,11 +120,11 @@ services: hard: 65536 volumes: - wazuh-indexer-data-2:/var/lib/wazuh-indexer - - ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/certs/root-ca.pem - - ./config/wazuh_indexer_ssl_certs/wazuh2.indexer-key.pem:/usr/share/wazuh-indexer/certs/wazuh2.indexer.key - - ./config/wazuh_indexer_ssl_certs/wazuh2.indexer.pem:/usr/share/wazuh-indexer/certs/wazuh2.indexer.pem - - ./config/wazuh_indexer/wazuh2.indexer.yml:/usr/share/wazuh-indexer/opensearch.yml - - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml + - ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/config/certs/root-ca.pem + - ./config/wazuh_indexer_ssl_certs/wazuh2.indexer-key.pem:/usr/share/wazuh-indexer/config/certs/wazuh2.indexer.key + - ./config/wazuh_indexer_ssl_certs/wazuh2.indexer.pem:/usr/share/wazuh-indexer/config/certs/wazuh2.indexer.pem + - ./config/wazuh_indexer/wazuh2.indexer.yml:/usr/share/wazuh-indexer/config/opensearch.yml + - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/config/opensearch-security/internal_users.yml wazuh3.indexer: image: wazuh/wazuh-indexer:4.14.0 @@ -142,11 +142,11 @@ services: hard: 65536 volumes: - wazuh-indexer-data-3:/var/lib/wazuh-indexer - - ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/certs/root-ca.pem - - ./config/wazuh_indexer_ssl_certs/wazuh3.indexer-key.pem:/usr/share/wazuh-indexer/certs/wazuh3.indexer.key - - ./config/wazuh_indexer_ssl_certs/wazuh3.indexer.pem:/usr/share/wazuh-indexer/certs/wazuh3.indexer.pem - - ./config/wazuh_indexer/wazuh3.indexer.yml:/usr/share/wazuh-indexer/opensearch.yml - - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml + - ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-indexer/config/certs/root-ca.pem + - ./config/wazuh_indexer_ssl_certs/wazuh3.indexer-key.pem:/usr/share/wazuh-indexer/config/certs/wazuh3.indexer.key + - ./config/wazuh_indexer_ssl_certs/wazuh3.indexer.pem:/usr/share/wazuh-indexer/config/certs/wazuh3.indexer.pem + - ./config/wazuh_indexer/wazuh3.indexer.yml:/usr/share/wazuh-indexer/config/opensearch.yml + - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/config/opensearch-security/internal_users.yml wazuh.dashboard: image: wazuh/wazuh-dashboard:4.14.0 From 29190cce9997e294a174ba179180731d1ee2c76b Mon Sep 17 00:00:00 2001 From: vcerenu Date: Tue, 5 Aug 2025 12:50:34 -0300 Subject: [PATCH 14/15] Delete Dcokerfile line --- build-docker-images/wazuh-indexer/Dockerfile | 2 -- 1 file changed, 2 deletions(-) diff --git a/build-docker-images/wazuh-indexer/Dockerfile b/build-docker-images/wazuh-indexer/Dockerfile index c84276b0..27fc4c30 100644 --- a/build-docker-images/wazuh-indexer/Dockerfile +++ b/build-docker-images/wazuh-indexer/Dockerfile @@ -73,8 +73,6 @@ COPY --from=builder --chown=0:0 /debian/wazuh-indexer/usr/lib/systemd /usr/lib/s COPY --from=builder --chown=0:0 /debian/wazuh-indexer/usr/lib/sysctl.d /usr/lib/sysctl.d COPY --from=builder --chown=0:0 /debian/wazuh-indexer/usr/lib/tmpfiles.d /usr/lib/tmpfiles.d -RUN chown -R 1000:1000 /usr/share/wazuh-indexer - RUN mkdir -p /var/lib/wazuh-indexer && chown 1000:1000 /var/lib/wazuh-indexer && \ mkdir -p /usr/share/wazuh-indexer/logs && chown 1000:1000 /usr/share/wazuh-indexer/logs && \ mkdir -p /run/wazuh-indexer && chown 1000:1000 /run/wazuh-indexer && \ From 82a967c0dfd9997f1a131a5af8c6ab14a2eace82 Mon Sep 17 00:00:00 2001 From: vcerenu Date: Tue, 5 Aug 2025 13:37:39 -0300 Subject: [PATCH 15/15] Add changelog --- CHANGELOG.md | 1 + 1 file changed, 1 insertion(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index b2745e0e..56e70591 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -14,6 +14,7 @@ All notable changes to this project will be documented in this file. ### Fixed +- Double the amount of space consumed in Wazuh Indexer ([#1953](https://github.com/wazuh/wazuh-docker/pull/1953)) - Fix config directory for opensearch_security plugin work ([#1951](https://github.com/wazuh/wazuh-docker/pull/1951)) - Update Dockerfile to copy opensearch-security files ([#1928](https://github.com/wazuh/wazuh-docker/pull/1928))