Updated CHANGELOG.

Update to 3.8.2_6.7.0

CHANGELOG.md

@@ -1,6 +1,24 @@
 # Change Log
 All notable changes to this project will be documented in this file.
 
+## Wazuh Docker v3.8.2_6.7.0
+
+### Changed
+
+- Update Elastic Stack version to 6.7.0. ([#144](https://github.com/wazuh/wazuh-docker/pull/144))
+
+## Wazuh Docker v3.8.2_6.6.2
+
+### Changed
+
+- Update Elastic Stack version to 6.6.2. ([#130](https://github.com/wazuh/wazuh-docker/pull/130))
+
+## Wazuh Docker v3.8.2_6.6.1
+
+### Changed
+
+- Update Elastic Stack version to 6.6.1. ([#129](https://github.com/wazuh/wazuh-docker/pull/129))
+
 ## Wazuh Docker v3.8.2_6.5.4
 
 ### Added

README.md

@@ -11,8 +11,9 @@ In this repository you will find the containers to run:
 * wazuh-logstash: It is used to receive alerts generated by the manager and feed Elasticsearch using an alerts template
 * wazuh-kibana: Provides a web user interface to browse through alerts data. It includes Wazuh plugin for Kibana, that allows you to visualize agents configuration and status.
 * wazuh-nginx: Proxies the Kibana container, adding HTTPS (via self-signed SSL certificate) and [Basic authentication](https://developer.mozilla.org/en-US/docs/Web/HTTP/Authentication#Basic_authentication_scheme).
+* wazuh-elasticsearch: An Elasticsearch container (working as a single-node cluster) using Elastic Stack Docker images. **Be aware to increase the `vm.max_map_count` setting, as it's detailed in the [Wazuh documentation](https://documentation.wazuh.com/current/docker/wazuh-container.html#increase-max-map-count-on-your-host-linux).** 
 
-In addition, a docker-compose file is provided to launch the containers mentioned above. It also launches an Elasticsearch container (working as a single-node cluster) using Elastic Stack Docker images.
+In addition, a docker-compose file is provided to launch the containers mentioned above. 
 
 ## Documentation
 
@@ -58,9 +59,9 @@ In addition, a docker-compose file is provided to launch the containers mentione
 
 ## Branches
 
-* `stable` branch on correspond to the last Wazuh-Docker stable version.
+* `stable` branch on correspond to the latest Wazuh-Docker stable version.
 * `master` branch contains the latest code, be aware of possible bugs on this branch.
-* `Wazuh.Version_ElasticStack.Version` (for example 3.7.0_6.4.3) branch. This branch contains the current release referenced in Docker Hub. The container images are installed under the current version of this branch.
+* `Wazuh.Version_ElasticStack.Version` (for example 3.8.2_6.7.0) branch. This branch contains the current release referenced in Docker Hub. The container images are installed under the current version of this branch.
 
 ## Credits and Thank you
 

VERSION

@@ -1,2 +1,2 @@
-WAZUH-DOCKER_VERSION="3.8.2_6.5.4"
-REVISION="3802"
+WAZUH-DOCKER_VERSION="3.8.2_6.7.0"
+REVISION="3803"

docker-compose.yml

@@ -3,7 +3,7 @@ version: '2'
 
 services:
   wazuh:
-    image: wazuh/wazuh:3.8.2_6.5.4
+    image: wazuh/wazuh:3.8.2_6.7.0
     hostname: wazuh-manager
     restart: always
     ports:
@@ -14,7 +14,7 @@ services:
     depends_on:
       - logstash
   logstash:
-    image: wazuh/wazuh-logstash:3.8.2_6.5.4
+    image: wazuh/wazuh-logstash:3.8.2_6.7.0
     hostname: logstash
     restart: always
     links:
@@ -26,7 +26,7 @@ services:
     environment:
       - LS_HEAP_SIZE=2048m
   elasticsearch:
-    image: wazuh/wazuh-elasticsearch:3.8.2_6.5.4
+    image: wazuh/wazuh-elasticsearch:3.8.2_6.7.0
     hostname: elasticsearch
     restart: always
     ports:
@@ -43,7 +43,7 @@ services:
         hard: -1
     mem_limit: 2g
   kibana:
-    image: wazuh/wazuh-kibana:3.8.2_6.5.4
+    image: wazuh/wazuh-kibana:3.8.2_6.7.0
     hostname: kibana
     restart: always
     depends_on:
@@ -52,7 +52,7 @@ services:
       - elasticsearch:elasticsearch
       - wazuh:wazuh
   nginx:
-    image: wazuh/wazuh-nginx:3.8.2_6.5.4
+    image: wazuh/wazuh-nginx:3.8.2_6.7.0
     hostname: nginx
     restart: always
     environment:

elasticsearch/Dockerfile

@@ -1,5 +1,5 @@
 # Wazuh App Copyright (C) 2019 Wazuh Inc. (License GPLv2)
-FROM docker.elastic.co/elasticsearch/elasticsearch:6.5.4
+FROM docker.elastic.co/elasticsearch/elasticsearch:6.7.0
 
 ENV ALERTS_SHARDS="1" \
     ALERTS_REPLICAS="0"
@@ -23,7 +23,7 @@ COPY --chown=elasticsearch:elasticsearch ./config/load_settings.sh ./
 
 RUN chmod +x ./load_settings.sh
 
-RUN elasticsearch-plugin install --batch repository-s3
+RUN bin/elasticsearch-plugin install --batch https://artifacts.elastic.co/downloads/elasticsearch-plugins/repository-s3/repository-s3-6.7.0.zip
 
 COPY config/configure_s3.sh ./config/configure_s3.sh
 RUN chmod 755 ./config/configure_s3.sh

kibana/Dockerfile

@@ -1,6 +1,6 @@
 # Wazuh App Copyright (C) 2019 Wazuh Inc. (License GPLv2)
-FROM docker.elastic.co/kibana/kibana:6.5.4
-ARG WAZUH_APP_VERSION=3.8.2_6.5.4
+FROM docker.elastic.co/kibana/kibana:6.7.0
+ARG WAZUH_APP_VERSION=3.8.2_6.7.0
 USER root
 
 ADD https://packages.wazuh.com/wazuhapp/wazuhapp-${WAZUH_APP_VERSION}.zip /tmp
@@ -9,8 +9,8 @@ RUN NODE_OPTIONS="--max-old-space-size=3072" /usr/share/kibana/bin/kibana-plugin
     chown -R kibana:kibana /usr/share/kibana &&\
     rm -rf /tmp/*
 
-COPY config/entrypoint.sh ./entrypoint.sh
-RUN chmod 755 ./entrypoint.sh
+COPY config/entrypoint.sh /entrypoint.sh
+RUN chmod 755 /entrypoint.sh
 
 USER kibana
 
@@ -73,4 +73,4 @@ RUN ./welcome_wazuh.sh
 
 RUN /usr/local/bin/kibana-docker --optimize
 
-ENTRYPOINT ./entrypoint.sh
+ENTRYPOINT /entrypoint.sh

kibana/config/kibana_settings.sh

@@ -19,23 +19,7 @@ WAZUH_MAJOR=3
 # Customize elasticsearch ip
 ##############################################################################
 if [ "$ELASTICSEARCH_KIBANA_IP" != "" ]; then
-  sed -i 's|http://elasticsearch:9200|'$ELASTICSEARCH_KIBANA_IP'|g' /usr/share/kibana/config/kibana.yml
-fi
-
-# If KIBANA_INDEX was set, then change the default index in kibana.yml configuration file. If there was an index, then delete it and recreate.
-if [ "$KIBANA_INDEX" != "" ]; then
-  if grep -q 'kibana.index' /usr/share/kibana/config/kibana.yml; then
-    sed -i '/kibana.index/d' /usr/share/kibana/config/kibana.yml
-  fi
-    echo "kibana.index: $KIBANA_INDEX" >> /usr/share/kibana/config/kibana.yml
-fi
-
-# If XPACK_SECURITY_ENABLED was set, then change the xpack.security.enabled option from true (default) to false.
-if [ "$XPACK_SECURITY_ENABLED" != "" ]; then
-  if grep -q 'xpack.security.enabled' /usr/share/kibana/config/kibana.yml; then
-    sed -i '/xpack.security.enabled/d' /usr/share/kibana/config/kibana.yml
-  fi
-    echo "xpack.security.enabled: $XPACK_SECURITY_ENABLED" >> /usr/share/kibana/config/kibana.yml
+  sed -i "s/elasticsearch:9200/$ELASTICSEARCH_KIBANA_IP:9200/" /usr/share/kibana/config/kibana.yml
 fi
 
 if [ "$KIBANA_IP" != "" ]; then

logstash/Dockerfile

@@ -1,5 +1,5 @@
 # Wazuh App Copyright (C) 2019 Wazuh Inc. (License GPLv2)
-FROM docker.elastic.co/logstash/logstash:6.5.4
+FROM docker.elastic.co/logstash/logstash:6.7.0
 
 COPY --chown=logstash:logstash config/entrypoint.sh /entrypoint.sh
 

logstash/config/entrypoint.sh

@@ -17,16 +17,6 @@ else
   el_url="${ELASTICSEARCH_URL}"
 fi
 
-##############################################################################
-# Customize logstash output ip
-##############################################################################
-
-if [ "$LOGSTASH_OUTPUT" != "" ]; then
-  >&2 echo "Customize Logstash ouput ip."
-  sed -i 's|elasticsearch:9200|'$LOGSTASH_OUTPUT'|g' /usr/share/logstash/pipeline/01-wazuh.conf
-  sed -i 's|http://elasticsearch:9200|'$LOGSTASH_OUTPUT'|g' /usr/share/logstash/config/logstash.yml 
-fi
-
 until curl -XGET $el_url; do
   >&2 echo "Elastic is unavailable - sleeping."
   sleep 5
@@ -54,6 +44,16 @@ sleep 2
 
 >&2 echo "Wazuh alerts template is loaded."
 
+##############################################################################
+# Customize logstash output ip
+##############################################################################
+
+if [ "$LOGSTASH_OUTPUT" != "" ]; then
+  >&2 echo "Customize Logstash ouput ip."
+  sed -i "s/elasticsearch:9200/$LOGSTASH_OUTPUT:9200/" /usr/share/logstash/pipeline/01-wazuh.conf
+  sed -i "s/elasticsearch:9200/$LOGSTASH_OUTPUT:9200/" /usr/share/logstash/config/logstash.yml 
+fi
+
 ##############################################################################
 # Map environment variables to entries in logstash.yml.
 # Note that this will mutate logstash.yml in place if any such settings are found.

wazuh/Dockerfile

@@ -1,6 +1,6 @@
 # Wazuh App Copyright (C) 2019 Wazuh Inc. (License GPLv2)
 FROM phusion/baseimage:latest
-ARG FILEBEAT_VERSION=6.5.4
+ARG FILEBEAT_VERSION=6.7.0
 ARG WAZUH_VERSION=3.8.2-1
 
 ENV API_USER="foo" \