Merge pull request #1013 from wazuh/bump-4.6.0-revision

Revision Bump

.env

@@ -1,3 +1,3 @@
-WAZUH_VERSION=4.4.5
-WAZUH_IMAGE_VERSION=4.4.5
+WAZUH_VERSION=4.6.0
+WAZUH_IMAGE_VERSION=4.6.0
 WAZUH_TAG_REVISION=1

.github/.goss.yaml

@@ -56,7 +56,7 @@ package:
   wazuh-manager:
     installed: true
     versions:
-    - 4.4.5-1
+    - 4.6.0-1
 port:
   tcp:1514:
     listening: true

CHANGELOG.md

@@ -1,6 +1,31 @@
 # Change Log
 All notable changes to this project will be documented in this file.
 
+## Wazuh Docker v4.6.0
+### Added
+
+- Update Wazuh to version [4.6.0](https://github.com/wazuh/wazuh/blob/v4.6.0/CHANGELOG.md#v460)
+
+## Wazuh Docker v4.5.3
+### Added
+
+- Update Wazuh to version [4.5.3](https://github.com/wazuh/wazuh/blob/v4.5.3/CHANGELOG.md#v453)
+
+## Wazuh Docker v4.5.2
+### Added
+
+- Update Wazuh to version [4.5.2](https://github.com/wazuh/wazuh/blob/v4.5.2/CHANGELOG.md#v452)
+
+## Wazuh Docker v4.5.1
+### Added
+
+- Update Wazuh to version [4.5.1](https://github.com/wazuh/wazuh/blob/v4.5.1/CHANGELOG.md#v451)
+
+## Wazuh Docker v4.5.0
+### Added
+
+- Update Wazuh to version [4.5.0](https://github.com/wazuh/wazuh/blob/v4.5.0/CHANGELOG.md#v450)
+
 ## Wazuh Docker v4.4.5
 ### Added
 

README.md

@@ -195,6 +195,11 @@ WAZUH_MONITORING_REPLICAS=0         ##
 
 | Wazuh version | ODFE    | XPACK  |
 |---------------|---------|--------|
+| v4.6.0        |         |        |
+| v4.5.3        |         |        |
+| v4.5.2        |         |        |
+| v4.5.1        |         |        |
+| v4.5.0        |         |        |
 | v4.4.5        |         |        |
 | v4.4.4        |         |        |
 | v4.4.3        |         |        |

VERSION

@@ -1,2 +1,2 @@
-WAZUH-DOCKER_VERSION="4.4.5"
-REVISION="40413"
+WAZUH-DOCKER_VERSION="4.6.0"
+REVISION="40601"

build-docker-images/build-images.sh

@@ -1,14 +1,8 @@
-WAZUH_IMAGE_VERSION=4.4.5
+WAZUH_IMAGE_VERSION=4.6.0
 WAZUH_VERSION=$(echo $WAZUH_IMAGE_VERSION | sed -e 's/\.//g')
 WAZUH_TAG_REVISION=1
 WAZUH_CURRENT_VERSION=$(curl --silent https://api.github.com/repos/wazuh/wazuh/releases/latest | grep '\"tag_name\":' | sed -E 's/.*\"([^\"]+)\".*/\1/' | cut -c 2- | sed -e 's/\.//g')
-
-## If wazuh manager exists in apt dev repository, change variables, if not, exit 1
-if [ "$WAZUH_VERSION" -le "$WAZUH_CURRENT_VERSION" ]; then
-  IMAGE_VERSION=${WAZUH_IMAGE_VERSION}
-else
-  IMAGE_VERSION=${WAZUH_IMAGE_VERSION}
-fi
+IMAGE_VERSION=${WAZUH_IMAGE_VERSION}
 
 echo WAZUH_VERSION=$WAZUH_IMAGE_VERSION > .env
 echo WAZUH_IMAGE_VERSION=$IMAGE_VERSION >> .env

build-docker-images/wazuh-dashboard/Dockerfile

@@ -66,6 +66,8 @@ ENV PATTERN="" \
     EXTENSIONS_CISCAT="" \
     EXTENSIONS_AWS="" \
     EXTENSIONS_GCP="" \
+    EXTENSIONS_GITHUB=""\
+    EXTENSIONS_OFFICE=""\
     EXTENSIONS_VIRUSTOTAL="" \
     EXTENSIONS_OSQUERY="" \
     EXTENSIONS_DOCKER="" \
@@ -102,6 +104,10 @@ RUN chown 1000:1000 /*.sh
 # Copy Install dir from builder to current image
 COPY --from=builder --chown=1000:1000 $INSTALL_DIR $INSTALL_DIR
 
+# Create custom directory
+RUN mkdir -p /usr/share/wazuh-dashboard/plugins/wazuh/public/assets/custom
+RUN chown 1000:1000 /usr/share/wazuh-dashboard/plugins/wazuh/public/assets/custom
+
 # Set workdir and user
 WORKDIR $INSTALL_DIR
 USER wazuh-dashboard

build-docker-images/wazuh-dashboard/config/config.sh

@@ -9,8 +9,8 @@ export CONFIG_DIR=${INSTALLATION_DIR}/config
 
 ## Variables
 CERT_TOOL=wazuh-certs-tool.sh
-PACKAGES_URL=https://packages.wazuh.com/4.4/
-PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.4/
+PACKAGES_URL=https://packages.wazuh.com/4.6/
+PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.6/
 
 ## Check if the cert tool exists in S3 buckets
 CERT_TOOL_PACKAGES=$(curl --silent -I $PACKAGES_URL$CERT_TOOL | grep -E "^HTTP" | awk  '{print $2}')

build-docker-images/wazuh-dashboard/config/wazuh_app_config.sh

@@ -25,6 +25,8 @@ declare -A CONFIG_MAP=(
   [extensions.ciscat]=$EXTENSIONS_CISCAT
   [extensions.aws]=$EXTENSIONS_AWS
   [extensions.gcp]=$EXTENSIONS_GCP
+  [extensions.github]=$EXTENSIONS_GITHUB
+  [extensions.office]=$EXTENSIONS_OFFICE
   [extensions.virustotal]=$EXTENSIONS_VIRUSTOTAL
   [extensions.osquery]=$EXTENSIONS_OSQUERY
   [extensions.docker]=$EXTENSIONS_DOCKER

build-docker-images/wazuh-indexer/config/config.sh

@@ -53,8 +53,8 @@ tar -xf ${INDEXER_FILE}
 ## Variables
 CERT_TOOL=wazuh-certs-tool.sh
 PASSWORD_TOOL=wazuh-passwords-tool.sh
-PACKAGES_URL=https://packages.wazuh.com/4.4/
-PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.4/
+PACKAGES_URL=https://packages.wazuh.com/4.6/
+PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.6/
 
 ## Check if the cert tool exists in S3 buckets
 CERT_TOOL_PACKAGES=$(curl --silent -I $PACKAGES_URL$CERT_TOOL | grep -E "^HTTP" | awk  '{print $2}')

build-docker-images/wazuh-manager/Dockerfile

@@ -5,7 +5,7 @@ RUN rm /bin/sh && ln -s /bin/bash /bin/sh
 
 ARG WAZUH_VERSION
 ARG WAZUH_TAG_REVISION
-ARG TEMPLATE_VERSION=4.4
+ARG TEMPLATE_VERSION=v4.6.0
 ARG FILEBEAT_CHANNEL=filebeat-oss
 ARG FILEBEAT_VERSION=7.10.2
 ARG WAZUH_FILEBEAT_MODULE="wazuh-filebeat-0.2.tar.gz"
@@ -24,8 +24,6 @@ RUN curl -L -O https://artifacts.elastic.co/downloads/beats/filebeat/${FILEBEAT_
     dpkg -i ${FILEBEAT_CHANNEL}-${FILEBEAT_VERSION}-amd64.deb && rm -f ${FILEBEAT_CHANNEL}-${FILEBEAT_VERSION}-amd64.deb && \
     curl -s https://packages.wazuh.com/4.x/filebeat/${WAZUH_FILEBEAT_MODULE} | tar -xvz -C /usr/share/filebeat/module
 
-RUN curl -L https://github.com/aelsabbahy/goss/releases/latest/download/goss-linux-amd64 -o /usr/local/bin/goss && chmod +rx /usr/local/bin/goss
-
 ARG S6_VERSION="v2.2.0.3"
 RUN curl --fail --silent -L https://github.com/just-containers/s6-overlay/releases/download/${S6_VERSION}/s6-overlay-amd64.tar.gz \
     -o /tmp/s6-overlay-amd64.tar.gz && \
@@ -54,4 +52,4 @@ RUN chmod 755 /permanent_data.sh && \
 # Services ports
 EXPOSE 55000/tcp 1514/tcp 1515/tcp 514/udp 1516/tcp
 
-ENTRYPOINT [ "/init" ]
+ENTRYPOINT [ "/init" ]

build-docker-images/wazuh-manager/config/create_user.py

@@ -13,7 +13,7 @@ SPECIAL_CHARS = "@$!%*?&-_"
 
 
 try:
-    from wazuh.rbac.orm import create_rbac_db
+    from wazuh.rbac.orm import check_database_integrity
     from wazuh.security import (
         create_user,
         get_users,
@@ -69,7 +69,7 @@ if __name__ == "__main__":
     username, password = read_user_file()
 
     # create RBAC database
-    create_rbac_db()
+    check_database_integrity()
 
     initial_users = db_users()
     if username not in initial_users:

build-docker-images/wazuh-manager/config/permanent_data.env

@@ -21,6 +21,8 @@ PERMANENT_DATA_EXCP[((i++))]="/var/ossec/integrations/slack"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/integrations/slack.py"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/integrations/virustotal"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/integrations/virustotal.py"
+PERMANENT_DATA_EXCP[((i++))]="/var/ossec/integrations/shuffle"
+PERMANENT_DATA_EXCP[((i++))]="/var/ossec/integrations/shuffle.py"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/active-response/bin/default-firewall-drop"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/active-response/bin/disable-account"
 PERMANENT_DATA_EXCP[((i++))]="/var/ossec/active-response/bin/firewalld-drop"

indexer-certs-creator/config/entrypoint.sh

@@ -8,8 +8,8 @@
 ## Variables
 CERT_TOOL=wazuh-certs-tool.sh
 PASSWORD_TOOL=wazuh-passwords-tool.sh
-PACKAGES_URL=https://packages.wazuh.com/4.4/
-PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.4/
+PACKAGES_URL=https://packages.wazuh.com/4.6/
+PACKAGES_DEV_URL=https://packages-dev.wazuh.com/4.6/
 
 ## Check if the cert tool exists in S3 buckets
 CERT_TOOL_PACKAGES=$(curl --silent -I $PACKAGES_URL$CERT_TOOL | grep -E "^HTTP" | awk  '{print $2}')
@@ -17,13 +17,13 @@ CERT_TOOL_PACKAGES_DEV=$(curl --silent -I $PACKAGES_DEV_URL$CERT_TOOL | grep -E
 
 ## If cert tool exists in some bucket, download it, if not exit 1
 if [ "$CERT_TOOL_PACKAGES" = "200" ]; then
-  curl -o $CERT_TOOL $PACKAGES_URL$CERT_TOOL
-  echo "Cert tool exists in Packages bucket"
+  curl -o $CERT_TOOL $PACKAGES_URL$CERT_TOOL -s
+  echo "The tool to create the certificates exists in the in Packages bucket"
 elif [ "$CERT_TOOL_PACKAGES_DEV" = "200" ]; then
-  curl -o $CERT_TOOL $PACKAGES_DEV_URL$CERT_TOOL
-  echo "Cert tool exists in Packages-dev bucket"
+  curl -o $CERT_TOOL $PACKAGES_DEV_URL$CERT_TOOL -s
+  echo "The tool to create the certificates exists in Packages-dev bucket"
 else
-  echo "Cert tool does not exist in any bucket"
+  echo "The tool to create the certificates does not exist in any bucket"
   echo "ERROR: certificates were not created"
   exit 1
 fi
@@ -41,9 +41,9 @@ source /$CERT_TOOL -A
 nodes_server=$( cert_parseYaml /config.yml | grep nodes_server__name | sed 's/nodes_server__name=//' )
 node_names=($nodes_server)
 
-echo "Moving created certificates to destination directory"
+echo "Moving created certificates to the destination directory"
 cp /wazuh-certificates/* /certificates/
-echo "changing certificate permissions"
+echo "Changing certificate permissions"
 chmod -R 500 /certificates
 chmod -R 400 /certificates/*
 echo "Setting UID indexer and dashboard"

multi-node/config/wazuh_cluster/wazuh_manager.conf

@@ -108,15 +108,16 @@
       <os>xenial</os>
       <os>bionic</os>
       <os>focal</os>
+      <os>jammy</os>
       <update_interval>1h</update_interval>
     </provider>
 
     <!-- Debian OS vulnerabilities -->
     <provider name="debian">
       <enabled>no</enabled>
-      <os>stretch</os>
       <os>buster</os>
       <os>bullseye</os>
+      <os>bookworm</os>
       <update_interval>1h</update_interval>
     </provider>
 
@@ -127,6 +128,7 @@
       <os>6</os>
       <os>7</os>
       <os>8</os>
+      <os>9</os>
       <update_interval>1h</update_interval>
     </provider>
 
@@ -138,6 +140,18 @@
       <update_interval>1h</update_interval>
     </provider>
 
+    <!-- SUSE Linux Enterprise OS vulnerabilities -->
+    <provider name="suse">
+      <enabled>no</enabled>
+      <os>11-server</os>
+      <os>11-desktop</os>
+      <os>12-server</os>
+      <os>12-desktop</os>
+      <os>15-server</os>
+      <os>15-desktop</os>
+      <update_interval>1h</update_interval>
+    </provider>
+
     <!-- Arch OS vulnerabilities -->
     <provider name="arch">
       <enabled>no</enabled>
@@ -150,10 +164,17 @@
       <update_interval>1h</update_interval>
     </provider>
 
+    <!-- Alma Linux OS vulnerabilities -->
+    <provider name="almalinux">
+      <enabled>no</enabled>
+      <os>8</os>
+      <os>9</os>
+      <update_interval>1h</update_interval>
+    </provider>
+
     <!-- Aggregate vulnerabilities -->
     <provider name="nvd">
       <enabled>yes</enabled>
-      <update_from_year>2010</update_from_year>
       <update_interval>1h</update_interval>
     </provider>
 
@@ -354,4 +375,4 @@
     <location>/var/log/dpkg.log</location>
   </localfile>
 
-</ossec_config>
+</ossec_config>

multi-node/config/wazuh_cluster/wazuh_worker.conf

@@ -108,15 +108,16 @@
       <os>xenial</os>
       <os>bionic</os>
       <os>focal</os>
+      <os>jammy</os>
       <update_interval>1h</update_interval>
     </provider>
 
     <!-- Debian OS vulnerabilities -->
     <provider name="debian">
       <enabled>no</enabled>
-      <os>stretch</os>
       <os>buster</os>
       <os>bullseye</os>
+      <os>bookworm</os>
       <update_interval>1h</update_interval>
     </provider>
 
@@ -127,6 +128,7 @@
       <os>6</os>
       <os>7</os>
       <os>8</os>
+      <os>9</os>
       <update_interval>1h</update_interval>
     </provider>
 
@@ -138,12 +140,32 @@
       <update_interval>1h</update_interval>
     </provider>
 
+    <!-- SUSE Linux Enterprise OS vulnerabilities -->
+    <provider name="suse">
+      <enabled>no</enabled>
+      <os>11-server</os>
+      <os>11-desktop</os>
+      <os>12-server</os>
+      <os>12-desktop</os>
+      <os>15-server</os>
+      <os>15-desktop</os>
+      <update_interval>1h</update_interval>
+    </provider>
+
     <!-- Arch OS vulnerabilities -->
     <provider name="arch">
       <enabled>no</enabled>
       <update_interval>1h</update_interval>
     </provider>
 
+    <!-- Alma Linux OS vulnerabilities -->
+    <provider name="almalinux">
+      <enabled>no</enabled>
+      <os>8</os>
+      <os>9</os>
+      <update_interval>1h</update_interval>
+    </provider>
+
     <!-- Windows OS vulnerabilities -->
     <provider name="msu">
       <enabled>yes</enabled>
@@ -153,7 +175,6 @@
     <!-- Aggregate vulnerabilities -->
     <provider name="nvd">
       <enabled>yes</enabled>
-      <update_from_year>2010</update_from_year>
       <update_interval>1h</update_interval>
     </provider>
 
@@ -354,4 +375,4 @@
     <location>/var/log/dpkg.log</location>
   </localfile>
 
-</ossec_config>
+</ossec_config>

multi-node/docker-compose.yml

@@ -3,9 +3,16 @@ version: '3.7'
 
 services:
   wazuh.master:
-    image: wazuh/wazuh-manager:4.4.5
+    image: wazuh/wazuh-manager:4.6.0
     hostname: wazuh.master
     restart: always
+    ulimits:
+      memlock:
+        soft: -1
+        hard: -1
+      nofile:
+        soft: 655360
+        hard: 655360
     ports:
       - "1515:1515"
       - "514:514/udp"
@@ -38,9 +45,16 @@ services:
       - ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf
 
   wazuh.worker:
-    image: wazuh/wazuh-manager:4.4.5
+    image: wazuh/wazuh-manager:4.6.0
     hostname: wazuh.worker
     restart: always
+    ulimits:
+      memlock:
+        soft: -1
+        hard: -1
+      nofile:
+        soft: 655360
+        hard: 655360
     environment:
       - INDEXER_URL=https://wazuh1.indexer:9200
       - INDEXER_USERNAME=admin
@@ -67,7 +81,7 @@ services:
       - ./config/wazuh_cluster/wazuh_worker.conf:/wazuh-config-mount/etc/ossec.conf
 
   wazuh1.indexer:
-    image: wazuh/wazuh-indexer:4.4.5
+    image: wazuh/wazuh-indexer:4.6.0
     hostname: wazuh1.indexer
     restart: always
     ports:
@@ -93,7 +107,7 @@ services:
       - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml
 
   wazuh2.indexer:
-    image: wazuh/wazuh-indexer:4.4.5
+    image: wazuh/wazuh-indexer:4.6.0
     hostname: wazuh2.indexer
     restart: always
     environment:
@@ -115,7 +129,7 @@ services:
       - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml
 
   wazuh3.indexer:
-    image: wazuh/wazuh-indexer:4.4.5
+    image: wazuh/wazuh-indexer:4.6.0
     hostname: wazuh3.indexer
     restart: always
     environment:
@@ -137,7 +151,7 @@ services:
       - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml
 
   wazuh.dashboard:
-    image: wazuh/wazuh-dashboard:4.4.5
+    image: wazuh/wazuh-dashboard:4.6.0
     hostname: wazuh.dashboard
     restart: always
     ports:
@@ -155,6 +169,8 @@ services:
       - ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-dashboard/certs/root-ca.pem
       - ./config/wazuh_dashboard/opensearch_dashboards.yml:/usr/share/wazuh-dashboard/config/opensearch_dashboards.yml
       - ./config/wazuh_dashboard/wazuh.yml:/usr/share/wazuh-dashboard/data/wazuh/config/wazuh.yml
+      - wazuh-dashboard-config:/usr/share/wazuh-dashboard/data/wazuh/config
+      - wazuh-dashboard-custom:/usr/share/wazuh-dashboard/plugins/wazuh/public/assets/custom
     depends_on:
       - wazuh1.indexer
     links:
@@ -204,3 +220,5 @@ volumes:
   wazuh-indexer-data-1:
   wazuh-indexer-data-2:
   wazuh-indexer-data-3:
+  wazuh-dashboard-config:
+  wazuh-dashboard-custom:

single-node/config/wazuh_cluster/wazuh_manager.conf

@@ -108,15 +108,16 @@
       <os>xenial</os>
       <os>bionic</os>
       <os>focal</os>
+      <os>jammy</os>
       <update_interval>1h</update_interval>
     </provider>
 
     <!-- Debian OS vulnerabilities -->
     <provider name="debian">
       <enabled>no</enabled>
-      <os>stretch</os>
       <os>buster</os>
       <os>bullseye</os>
+      <os>bookworm</os>
       <update_interval>1h</update_interval>
     </provider>
 
@@ -127,6 +128,7 @@
       <os>6</os>
       <os>7</os>
       <os>8</os>
+      <os>9</os>
       <update_interval>1h</update_interval>
     </provider>
 
@@ -138,12 +140,32 @@
       <update_interval>1h</update_interval>
     </provider>
 
+    <!-- SUSE Linux Enterprise OS vulnerabilities -->
+    <provider name="suse">
+      <enabled>no</enabled>
+      <os>11-server</os>
+      <os>11-desktop</os>
+      <os>12-server</os>
+      <os>12-desktop</os>
+      <os>15-server</os>
+      <os>15-desktop</os>
+      <update_interval>1h</update_interval>
+    </provider>
+
     <!-- Arch OS vulnerabilities -->
     <provider name="arch">
       <enabled>no</enabled>
       <update_interval>1h</update_interval>
     </provider>
 
+    <!-- Alma Linux OS vulnerabilities -->
+    <provider name="almalinux">
+      <enabled>no</enabled>
+      <os>8</os>
+      <os>9</os>
+      <update_interval>1h</update_interval>
+    </provider>
+
     <!-- Windows OS vulnerabilities -->
     <provider name="msu">
       <enabled>yes</enabled>
@@ -153,7 +175,6 @@
     <!-- Aggregate vulnerabilities -->
     <provider name="nvd">
       <enabled>yes</enabled>
-      <update_from_year>2010</update_from_year>
       <update_interval>1h</update_interval>
     </provider>
 

single-node/docker-compose.yml

@@ -3,9 +3,16 @@ version: '3.7'
 
 services:
   wazuh.manager:
-    image: wazuh/wazuh-manager:4.4.5
+    image: wazuh/wazuh-manager:4.6.0
     hostname: wazuh.manager
     restart: always
+    ulimits:
+      memlock:
+        soft: -1
+        hard: -1
+      nofile:
+        soft: 655360
+        hard: 655360
     ports:
       - "1514:1514"
       - "1515:1515"
@@ -39,7 +46,7 @@ services:
       - ./config/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf
 
   wazuh.indexer:
-    image: wazuh/wazuh-indexer:4.4.5
+    image: wazuh/wazuh-indexer:4.6.0
     hostname: wazuh.indexer
     restart: always
     ports:
@@ -64,7 +71,7 @@ services:
       - ./config/wazuh_indexer/internal_users.yml:/usr/share/wazuh-indexer/opensearch-security/internal_users.yml
 
   wazuh.dashboard:
-    image: wazuh/wazuh-dashboard:4.4.5
+    image: wazuh/wazuh-dashboard:4.6.0
     hostname: wazuh.dashboard
     restart: always
     ports:
@@ -83,6 +90,8 @@ services:
       - ./config/wazuh_indexer_ssl_certs/root-ca.pem:/usr/share/wazuh-dashboard/certs/root-ca.pem
       - ./config/wazuh_dashboard/opensearch_dashboards.yml:/usr/share/wazuh-dashboard/config/opensearch_dashboards.yml
       - ./config/wazuh_dashboard/wazuh.yml:/usr/share/wazuh-dashboard/data/wazuh/config/wazuh.yml
+      - wazuh-dashboard-config:/usr/share/wazuh-dashboard/data/wazuh/config
+      - wazuh-dashboard-custom:/usr/share/wazuh-dashboard/plugins/wazuh/public/assets/custom
     depends_on:
       - wazuh.indexer
     links:
@@ -102,3 +111,5 @@ volumes:
   filebeat_etc:
   filebeat_var:
   wazuh-indexer-data:
+  wazuh-dashboard-config:
+  wazuh-dashboard-custom: