Merge pull request #445 from wazuh/release-wazuh_4.1.1

Bump to 4.1.1
2025-10-31 03:53:32 +00:00 · 2021-02-25 17:50:03 +01:00 · 2021-02-22 12:31:59 +01:00 · 2021-02-17 17:55:24 +01:00 · 2021-02-17 17:54:09 +01:00 · 2021-02-17 17:45:05 +01:00
35 changed files with 1313 additions and 70 deletions
--- a/.github/workflows/push.yml
+++ b/.github/workflows/push.yml
@@ -6,9 +6,31 @@ jobs:
  build-stack:
    runs-on: ubuntu-latest
    steps:
    - name: Check out code
      uses: actions/checkout@v2
    - name: Build the docker-compose stack
-      run: docker-compose up -d --build
+      run: docker-compose -f build-from-sources.yml up -d --build
    - name: Check running containers
      run: docker ps -a
    - name: Shutdown the stack
      run: docker-compose -f build-from-sources.yml kill
    - name: Install Goss
      uses: e1himself/goss-installation-action@v1.0.3
      with:
        version: v0.3.16
    - name: Execute Goss tests (wazuh-odfe)
      run: dgoss run wazuh/wazuh-odfe:dev-version
      env:
        GOSS_SLEEP: 30
        GOSS_FILE: .goss.yaml
    - name: Execute Goss tests (wazuh-kibana-odfe)
      run: dgoss run wazuh/wazuh-kibana-odfe:dev-version
      env:
        GOSS_FILE: .goss.kibana.yaml
--- a/.goss.kibana.yaml
+++ b/.goss.kibana.yaml
@@ -0,0 +1,53 @@
 file:
  /usr/share/kibana/config/kibana.yml:
    exists: true
    mode: "0664"
    owner: kibana
    group: root
    filetype: file
    contains: []
  /usr/share/kibana/src/core/server/core_app/assets/legacy_light_theme.css:
    exists: true
    mode: "0664"
    owner: kibana
    group: root
    filetype: file
    contains: []
  /usr/share/kibana/src/core/server/core_app/assets/wazuh_logo_circle.svg:
    exists: true
    mode: "0644"
    owner: kibana
    group: root
    filetype: file
    contains: []
  /usr/share/kibana/src/core/server/core_app/assets/wazuh_wazuh_bg.svg:
    exists: true
    mode: "0644"
    owner: kibana
    group: root
    filetype: file
    contains: []
  /usr/share/kibana/data/wazuh/config/wazuh.yml:
    exists: true
    mode: "0644"
    owner: kibana
    group: kibana
    filetype: file
    contains: []
  /usr/share/kibana/src/legacy/ui/ui_render/bootstrap/template.js.hbs:
    exists: true
    mode: "0664"
    owner: kibana
    group: root
    filetype: file
    contains: []
 user:
  kibana:
    exists: true
    groups:
    - kibana
    home: /usr/share/kibana
    shell: /bin/bash
 group:
  kibana:
    exists: true
--- a/.goss.yaml
+++ b/.goss.yaml
@@ -0,0 +1,115 @@
 file:
  /etc/filebeat/filebeat.yml:
    exists: true
    mode: "0644"
    owner: root
    group: root
    filetype: file
    contains: []
  /var/ossec/bin/ossec-control:
    exists: true
    mode: "0750"
    owner: root
    group: root
    filetype: file
    contains: []
  /var/ossec/etc/lists/audit-keys:
    exists: true
    mode: "0660"
    owner: ossec
    group: ossec
    filetype: file
    contains: []
  /var/ossec/etc/ossec.conf:
    exists: true
    mode: "0660"
    owner: root
    group: ossec
    filetype: file
    contains: []
  /var/ossec/etc/rules/local_rules.xml:
    exists: true
    mode: "0660"
    owner: ossec
    group: ossec
    filetype: file
    contains: []
  /var/ossec/etc/sslmanager.cert:
    exists: true
    mode: "0640"
    owner: root
    group: root
    filetype: file
    contains: []
  /var/ossec/etc/sslmanager.key:
    exists: true
    mode: "0640"
    owner: root
    group: root
    filetype: file
    contains: []
 package:
  filebeat:
    installed: true
    versions:
    - 7.10.0
  wazuh-manager:
    installed: true
    versions:
    - 4.1.1
 port:
  tcp:1514:
    listening: true
    ip:
    - 0.0.0.0
  tcp:1515:
    listening: true
    ip:
    - 0.0.0.0
  tcp:55000:
    listening: true
    ip:
    - 0.0.0.0
 user:
  ossec:
    exists: true
    groups:
    - ossec
    home: /var/ossec
    shell: /sbin/nologin
  ossecm:
    exists: true
    groups:
    - ossec
    home: /var/ossec
    shell: /sbin/nologin
  ossecr:
    exists: true
    groups:
    - ossec
    home: /var/ossec
    shell: /sbin/nologin
 group:
  ossec:
    exists: true
 process:
  filebeat:
    running: true
  ossec-analysisd:
    running: true
  ossec-authd:
    running: true
  ossec-execd:
    running: true
  ossec-monitord:
    running: true
  ossec-remoted:
    running: true
  ossec-syscheckd:
    running: true
  s6-supervise:
    running: true
  wazuh-db:
    running: true
  wazuh-modulesd:
    running: true
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,6 +1,49 @@
 # Change Log
 All notable changes to this project will be documented in this file.
 ## Wazuh Docker v4.1.1
 ### Added
 - Update Wazuh to version [4.1.1](https://github.com/wazuh/wazuh/blob/v4.1.1/CHANGELOG.md#v411)
 ## Wazuh Docker v4.1.0
 ### Added
 - Update Wazuh to version [4.1.0](https://github.com/wazuh/wazuh/blob/v4.1.0/CHANGELOG.md#v410)
 - Update ODFE compatibility to version 1.12.0
 - Add support for Elasticsearch (xpack) images once again (7.10.2)  ([@xr09](https://github.com/xr09)) [#409](https://github.com/wazuh/wazuh-docker/pull/409)
 - Re-enable entrypoint scripts  ([@xr09](https://github.com/xr09)) [#435](https://github.com/wazuh/wazuh-docker/pull/435)
 - Add Goss binary for healthchecks ([@xr09](https://github.com/xr09)) [$441](https://github.com/wazuh/wazuh-docker/pull/441)
 - Update s6-overlay to latest version
 ## Wazuh Docker v4.0.4_1.11.0
 ### Added
 - Update to Wazuh version [4.0.4](https://github.com/wazuh/wazuh/blob/v4.0.4/CHANGELOG.md#v404)
 ## Wazuh Docker v4.0.3_1.11.0
 ### Added
 - Update to Wazuh version 4.0.3
 ## Wazuh Docker v4.0.2_1.11.0
 ### Added
 - Update to Wazuh version 4.0.2
 ## Wazuh Docker v4.0.1_1.11.0
 ### Added
 - Update to Wazuh version 4.0.1
 - Opendistro 1.11.0 compatiblity
 - Re-enabled dumping ossec.log to stdout
 ## Wazuh Docker v4.0.0_1.10.1
 ### Added
--- a/2
+++ b/2
@@ -1,5 +1,5 @@
- Portions Copyright (C) 2020 Wazuh, Inc.
+ Portions Copyright (C) 2021 Wazuh, Inc.
 Based on work Copyright (C) 2003 - 2013 Trend Micro, Inc.
 This program is a free software; you can redistribute it and/or modify
--- a/README.md
+++ b/README.md
@@ -89,8 +89,6 @@ ADMIN_PRIVILEGES=true               # App privileges
    ├── CHANGELOG.md
    ├── docker-compose.yml
    ├── elastic_conf
    │   └── elasticsearch.yml
    ├── generate-opendistro-certs.yml
    ├── kibana-odfe
    │   ├── config
@@ -150,15 +148,26 @@ ADMIN_PRIVILEGES=true               # App privileges
 * `4.0` branch on correspond to the latest Wazuh-Docker stable version.
 * `master` branch contains the latest code, be aware of possible bugs on this branch.
-* `Wazuh.Version_ElasticStack.Version` (for example 3.10.2_7.5.0) branch. This branch contains the current release referenced in Docker Hub. The container images are installed under the current version of this branch.
+* `Wazuh.Version` (for example 3.13.1_7.8.0 or 4.1.0) branch. This branch contains the current release referenced in Docker Hub. The container images are installed under the current version of this branch.
 ## Compatibility Matrix
-| Wazuh version | ODFE    |
+| Wazuh version | ODFE    | XPACK  |
-|---------------|---------|
+|---------------|---------|--------|
-| v4.0.0        | 1.10.1  |
+| v4.1.1        | 1.12.0  | 7.10.2 |
-
+|---------------|---------|--------|
 | v4.1.0        | 1.12.0  | 7.10.2 |
 |---------------|---------|--------|
 | v4.0.4        | 1.11.0  |        |
 |---------------|---------|--------|
 | v4.0.3        | 1.11.0  |        |
 |---------------|---------|--------|
 | v4.0.2        | 1.11.0  |        |
 |---------------|---------|--------|
 | v4.0.1        | 1.11.0  |        |
 |---------------|---------|--------|
 | v4.0.0        | 1.10.1  |        |
 ## Credits and Thank you
@@ -171,7 +180,7 @@ We thank you them and everyone else who has contributed to this project.
 ## License and copyright
-Wazuh Docker Copyright (C) 2020 Wazuh Inc. (License GPLv2)
+Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2)
 ## Web references
--- a/4
+++ b/4
@@ -1,2 +1,2 @@
-WAZUH-DOCKER_VERSION="4.0.0_1.10.1"
+WAZUH-DOCKER_VERSION="4.1.1"
-REVISION="40000"
+REVISION="41100"
--- a/build-from-sources.yml
+++ b/build-from-sources.yml
@@ -0,0 +1,84 @@
 # Wazuh App Copyright (C) 2021 Wazuh Inc. (License GPLv2)
 version: '3.7'
 services:
  wazuh:
    build:  wazuh-odfe/
    image: wazuh/wazuh-odfe:dev-version
    hostname: wazuh-manager
    restart: always
    ports:
      - "1514:1514"
      - "1515:1515"
      - "514:514/udp"
      - "55000:55000"
    environment:
      - ELASTICSEARCH_URL=https://elasticsearch:9200
      - ELASTIC_USERNAME=admin
      - ELASTIC_PASSWORD=admin
      - FILEBEAT_SSL_VERIFICATION_MODE=none
    volumes:
      - ossec_api_configuration:/var/ossec/api/configuration
      - ossec_etc:/var/ossec/etc
      - ossec_logs:/var/ossec/logs
      - ossec_queue:/var/ossec/queue
      - ossec_var_multigroups:/var/ossec/var/multigroups
      - ossec_integrations:/var/ossec/integrations
      - ossec_active_response:/var/ossec/active-response/bin
      - ossec_agentless:/var/ossec/agentless
      - ossec_wodles:/var/ossec/wodles
      - filebeat_etc:/etc/filebeat
      - filebeat_var:/var/lib/filebeat
  elasticsearch:
    image: amazon/opendistro-for-elasticsearch:1.12.0
    hostname: elasticsearch
    restart: always
    ports:
      - "9200:9200"
    environment:
      - discovery.type=single-node
      - cluster.name=wazuh-cluster
      - network.host=0.0.0.0
      - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
      - bootstrap.memory_lock=true
    ulimits:
      memlock:
        soft: -1
        hard: -1
      nofile:
        soft: 65536
        hard: 65536
  kibana:
    build: kibana-odfe/
    image: wazuh/wazuh-kibana-odfe:dev-version
    hostname: kibana
    restart: always
    ports:
      - 443:5601
    environment:
      - ELASTICSEARCH_USERNAME=admin
      - ELASTICSEARCH_PASSWORD=admin
      - SERVER_SSL_ENABLED=true
      - SERVER_SSL_CERTIFICATE=/usr/share/kibana/config/opendistroforelasticsearch.example.org.cert
      - SERVER_SSL_KEY=/usr/share/kibana/config/opendistroforelasticsearch.example.org.key
    depends_on:
      - elasticsearch
    links:
      - elasticsearch:elasticsearch
      - wazuh:wazuh
 volumes:
  ossec_api_configuration:
  ossec_etc:
  ossec_logs:
  ossec_queue:
  ossec_var_multigroups:
  ossec_integrations:
  ossec_active_response:
  ossec_agentless:
  ossec_wodles:
  filebeat_etc:
  filebeat_var:
--- a/docker-compose.yml
+++ b/docker-compose.yml
@@ -1,9 +1,9 @@
-# Wazuh App Copyright (C) 2020 Wazuh Inc. (License GPLv2)
+# Wazuh App Copyright (C) 2021 Wazuh Inc. (License GPLv2)
 version: '3.7'
 services:
  wazuh:
-    image: wazuh/wazuh-odfe:4.0.0_1.10.1
+    image: wazuh/wazuh-odfe:4.1.1
    hostname: wazuh-manager
    restart: always
    ports:
@@ -30,7 +30,7 @@ services:
      - filebeat_var:/var/lib/filebeat
  elasticsearch:
-    image: amazon/opendistro-for-elasticsearch:1.10.1
+    image: amazon/opendistro-for-elasticsearch:1.12.0
    hostname: elasticsearch
    restart: always
    ports:
@@ -50,7 +50,7 @@ services:
        hard: 65536
  kibana:
-    image: wazuh/wazuh-kibana-odfe:4.0.0_1.10.1
+    image: wazuh/wazuh-kibana-odfe:4.1.1
    hostname: kibana
    restart: always
    ports:
--- a/elastic_conf/elasticsearch.yml
+++ b/elastic_conf/elasticsearch.yml
@@ -1,3 +0,0 @@
 cluster.name: wazuh-elastic
 network.host: 0.0.0.0
--- a/generate-elasticsearch-certs.yml
+++ b/generate-elasticsearch-certs.yml
@@ -0,0 +1,17 @@
 version: '2.2'
 services:
  generator:
    container_name: generator
    image: docker.elastic.co/elasticsearch/elasticsearch:7.10.2
    command: >
      bash -c '
        if [[ ! -f config/certificates/bundle.zip ]]; then
          bin/elasticsearch-certutil cert --silent --pem --in config/certificates/instances.yml -out config/certificates/bundle.zip;
          unzip config/certificates/bundle.zip -d config/certificates/;
        fi;
        chown -R 1000:0 /certs
      '
    user: "0"
    working_dir: /usr/share/elasticsearch
    volumes: ['./xpack:/usr/share/elasticsearch/config/certificates']
--- a/generate-opendistro-certs.yml
+++ b/generate-opendistro-certs.yml
@@ -1,4 +1,4 @@
-# Wazuh App Copyright (C) 2020 Wazuh Inc. (License GPLv2)
+# Wazuh App Copyright (C) 2021 Wazuh Inc. (License GPLv2)
 version: '3'
 services:
--- a/kibana-odfe/Dockerfile
+++ b/kibana-odfe/Dockerfile
@@ -1,8 +1,8 @@
-# Wazuh Docker Copyright (C) 2020 Wazuh Inc. (License GPLv2)
+# Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2)
-FROM amazon/opendistro-for-elasticsearch-kibana:1.10.1
+FROM amazon/opendistro-for-elasticsearch-kibana:1.12.0
 USER kibana
-ARG ELASTIC_VERSION=7.9.1
+ARG ELASTIC_VERSION=7.10.0
-ARG WAZUH_VERSION=4.0.0
+ARG WAZUH_VERSION=4.1.1
 ARG WAZUH_APP_VERSION="${WAZUH_VERSION}_${ELASTIC_VERSION}"
 WORKDIR /usr/share/kibana
@@ -42,7 +42,6 @@ ENV PATTERN="" \
    ADMIN_PRIVILEGES=""
 USER kibana
 RUN NODE_OPTIONS="--max-old-space-size=2048" /usr/local/bin/kibana-docker --optimize
 COPY ./config/custom_welcome /tmp/custom_welcome
 COPY --chown=kibana:kibana ./config/welcome_wazuh.sh ./
@@ -50,7 +49,7 @@ RUN chmod +x ./welcome_wazuh.sh
 ARG CHANGE_WELCOME="true"
 RUN ./welcome_wazuh.sh
-COPY --chown=kibana:kibana ./config/wazuh.yml /usr/share/kibana/optimize/wazuh/config/wazuh.yml
+COPY --chown=kibana:kibana ./config/wazuh.yml /usr/share/kibana/data/wazuh/config/wazuh.yml
 COPY --chown=kibana:kibana ./config/wazuh_app_config.sh ./
 RUN chmod +x ./wazuh_app_config.sh
--- a/kibana-odfe/config/entrypoint.sh
+++ b/kibana-odfe/config/entrypoint.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# Wazuh Docker Copyright (C) 2020 Wazuh Inc. (License GPLv2)
+# Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2)
 set -e
--- a/kibana-odfe/config/kibana_settings.sh
+++ b/kibana-odfe/config/kibana_settings.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# Wazuh Docker Copyright (C) 2020 Wazuh Inc. (License GPLv2)
+# Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2)
 WAZUH_MAJOR=4
--- a/kibana-odfe/config/wazuh.yml
+++ b/kibana-odfe/config/wazuh.yml
@@ -1,7 +1,7 @@
 ---
 #
 # Wazuh app - App configuration file
-# Copyright (C) 2015-2020 Wazuh, Inc.
+# Copyright (C) 2015-2021 Wazuh, Inc.
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
--- a/kibana-odfe/config/wazuh_app_config.sh
+++ b/kibana-odfe/config/wazuh_app_config.sh
@@ -1,12 +1,12 @@
 #!/bin/bash
-# Wazuh Docker Copyright (C) 2020 Wazuh Inc. (License GPLv2)
+# Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2)
 wazuh_url="${WAZUH_API_URL:-https://wazuh}"
 wazuh_port="${API_PORT:-55000}"
-api_username="${API_USERNAME:-wazuh}"
+api_username="${API_USERNAME:-wazuh-wui}"
-api_password="${API_PASSWORD:-wazuh}"
+api_password="${API_PASSWORD:-wazuh-wui}"
-kibana_config_file="/usr/share/kibana/optimize/wazuh/config/wazuh.yml"
+kibana_config_file="/usr/share/kibana/data/wazuh/config/wazuh.yml"
 declare -A CONFIG_MAP=(
  [pattern]=$PATTERN
--- a/kibana-odfe/config/welcome_wazuh.sh
+++ b/kibana-odfe/config/welcome_wazuh.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# Wazuh Docker Copyright (C) 2020 Wazuh Inc. (License GPLv2)
+# Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2)
 if [[ $CHANGE_WELCOME == "true" ]]
 then
@@ -8,7 +8,7 @@ then
    echo "Set custom welcome styles"
    cp -f /tmp/custom_welcome/template.js.hbs /usr/share/kibana/src/legacy/ui/ui_render/bootstrap/template.js.hbs
-    cp -f /tmp/custom_welcome/light_theme.style.css /usr/share/kibana/optimize/bundles/light_theme.style.css
+    cp -f /tmp/custom_welcome/light_theme.style.css /usr/share/kibana/src/core/server/core_app/assets/legacy_light_theme.css
-    cp -f /tmp/custom_welcome/*svg /usr/share/kibana/optimize/bundles/
+    cp -f /tmp/custom_welcome/*svg /usr/share/kibana/src/core/server/core_app/assets/
 fi
--- a/kibana/Dockerfile
+++ b/kibana/Dockerfile
@@ -0,0 +1,64 @@
 # Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2)
 FROM docker.elastic.co/kibana/kibana:7.10.2
 USER kibana
 ARG ELASTIC_VERSION=7.10.2
 ARG WAZUH_VERSION=4.1.1
 ARG WAZUH_APP_VERSION="${WAZUH_VERSION}_${ELASTIC_VERSION}"
 WORKDIR /usr/share/kibana
 RUN ./bin/kibana-plugin install https://packages.wazuh.com/4.x/ui/kibana/wazuh_kibana-${WAZUH_APP_VERSION}-1.zip
 ENV PATTERN="" \
    CHECKS_PATTERN="" \
    CHECKS_TEMPLATE="" \
    CHECKS_API="" \
    CHECKS_SETUP="" \
    EXTENSIONS_PCI="" \
    EXTENSIONS_GDPR="" \
    EXTENSIONS_HIPAA="" \
    EXTENSIONS_NIST="" \
    EXTENSIONS_TSC="" \
    EXTENSIONS_AUDIT="" \
    EXTENSIONS_OSCAP="" \
    EXTENSIONS_CISCAT="" \
    EXTENSIONS_AWS="" \
    EXTENSIONS_GCP="" \
    EXTENSIONS_VIRUSTOTAL="" \
    EXTENSIONS_OSQUERY="" \
    EXTENSIONS_DOCKER="" \
    APP_TIMEOUT="" \
    API_SELECTOR="" \
    IP_SELECTOR="" \
    IP_IGNORE="" \
    WAZUH_MONITORING_ENABLED="" \
    WAZUH_MONITORING_FREQUENCY="" \
    WAZUH_MONITORING_SHARDS="" \
    WAZUH_MONITORING_REPLICAS="" \
    ADMIN_PRIVILEGES="" \
    XPACK_CANVAS="true" \
    XPACK_LOGS="true"   \
    XPACK_INFRA="true"  \
    XPACK_ML="true" \
    XPACK_DEVTOOLS="true"   \
    XPACK_MONITORING="true" \
    XPACK_APM="true"
 WORKDIR /
 USER kibana
 COPY --chown=kibana:kibana config/entrypoint.sh ./entrypoint.sh
 RUN chmod 755 ./entrypoint.sh
 RUN printf "\nserver.defaultRoute: /app/wazuh\n" >> /usr/share/kibana/config/kibana.yml
 COPY --chown=kibana:kibana ./config/wazuh.yml /usr/share/kibana/data/wazuh/config/wazuh.yml
 COPY --chown=kibana:kibana ./config/wazuh_app_config.sh ./
 RUN chmod +x ./wazuh_app_config.sh
 COPY --chown=kibana:kibana ./config/kibana_settings.sh ./
 RUN chmod +x ./kibana_settings.sh
 COPY --chown=kibana:kibana ./config/xpack_config.sh ./
 RUN chmod +x ./xpack_config.sh
 ENTRYPOINT ./entrypoint.sh
--- a/kibana/config/entrypoint.sh
+++ b/kibana/config/entrypoint.sh
@@ -0,0 +1,60 @@
 #!/bin/bash
 # Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2)
 set -e
 ##############################################################################
 # Waiting for elasticsearch
 ##############################################################################
 if [ "x${ELASTICSEARCH_URL}" = "x" ]; then
  export el_url="http://elasticsearch:9200"
 else
  export el_url="${ELASTICSEARCH_URL}"
 fi
 if [[ ${ENABLED_SECURITY} == "false" || "x${ELASTICSEARCH_USERNAME}" = "x" || "x${ELASTICSEARCH_PASSWORD}" = "x" ]]; then
  export auth=""
 else
  export auth="--user ${ELASTICSEARCH_USERNAME}:${ELASTICSEARCH_PASSWORD} -k"
 fi
 until curl -XGET $el_url ${auth}; do
  >&2 echo "Elastic is unavailable - sleeping"
  sleep 5
 done
 sleep 2
 >&2 echo "Elasticsearch is up."
 ##############################################################################
 # Waiting for wazuh alerts template
 ##############################################################################
 strlen=0
 while [[ $strlen -eq 0 ]]
 do
  template=$(curl ${auth} $el_url/_cat/templates/wazuh -s)
  strlen=${#template}
  >&2 echo "Wazuh alerts template not loaded - sleeping."
  sleep 2
 done
 sleep 2
 >&2 echo "Wazuh alerts template is loaded."
 ./xpack_config.sh
 ./wazuh_app_config.sh
 sleep 5
 ./kibana_settings.sh &
 sleep 2
 /usr/local/bin/kibana-docker
--- a/kibana/config/kibana_settings.sh
+++ b/kibana/config/kibana_settings.sh
@@ -0,0 +1,79 @@
 #!/bin/bash
 # Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2)
 WAZUH_MAJOR=4
 ##############################################################################
 # Wait for the Kibana API to start. It is necessary to do it in this container
 # because the others are running Elastic Stack and we can not interrupt them.
 #
 # The following actions are performed:
 #
 # Add the wazuh alerts index as default.
 # Set the Discover time interval to 24 hours instead of 15 minutes.
 # Do not ask user to help providing usage statistics to Elastic.
 ##############################################################################
 ##############################################################################
 # Customize elasticsearch ip
 ##############################################################################
 sed -i "s|elasticsearch.hosts:.*|elasticsearch.hosts: $el_url|g" /usr/share/kibana/config/kibana.yml
 # If KIBANA_INDEX was set, then change the default index in kibana.yml configuration file. If there was an index, then delete it and recreate.
 if [ "$KIBANA_INDEX" != "" ]; then
  if grep -q 'kibana.index' /usr/share/kibana/config/kibana.yml; then
    sed -i '/kibana.index/d' /usr/share/kibana/config/kibana.yml
  fi
    echo "kibana.index: $KIBANA_INDEX" >> /usr/share/kibana/config/kibana.yml
 fi
 kibana_proto="http"
 if [ "$XPACK_SECURITY_ENABLED" != "" ]; then
  kibana_proto="https"
  if grep -q 'xpack.security.enabled' /usr/share/kibana/config/kibana.yml; then
    sed -i '/xpack.security.enabled/d' /usr/share/kibana/config/kibana.yml
  fi
    echo "xpack.security.enabled: $XPACK_SECURITY_ENABLED" >> /usr/share/kibana/config/kibana.yml
 fi
 # Add auth headers if required
 if [ "$ELASTICSEARCH_USERNAME" != "" ] && [ "$ELASTICSEARCH_PASSWORD" != "" ]; then
    curl_auth="-u $ELASTICSEARCH_USERNAME:$ELASTICSEARCH_PASSWORD"
 fi
 while [[ "$(curl $curl_auth -XGET -I  -s -o /dev/null -w ''%{http_code}'' -k $kibana_proto://127.0.0.1:5601/status)" != "200" ]]; do
  echo "Waiting for Kibana API. Sleeping 5 seconds"
  sleep 5
 done
 # Prepare index selection.
 echo "Kibana API is running"
 default_index="/tmp/default_index.json"
 cat > ${default_index} << EOF
 {
  "changes": {
    "defaultIndex": "wazuh-alerts-${WAZUH_MAJOR}.x-*"
  }
 }
 EOF
 sleep 5
 # Add the wazuh alerts index as default.
 curl ${auth} -POST -k "$kibana_proto://127.0.0.1:5601/api/kibana/settings" -H "Content-Type: application/json" -H "kbn-xsrf: true" -d@${default_index}
 rm -f ${default_index}
 sleep 5
 # Configuring Kibana TimePicker.
 curl ${auth} -POST -k "$kibana_proto://127.0.0.1:5601/api/kibana/settings" -H "Content-Type: application/json" -H "kbn-xsrf: true" -d \
 '{"changes":{"timepicker:timeDefaults":"{\n  \"from\": \"now-12h\",\n  \"to\": \"now\",\n  \"mode\": \"quick\"}"}}'
 sleep 5
 # Do not ask user to help providing usage statistics to Elastic
 curl ${auth} -POST -k "$kibana_proto://127.0.0.1:5601/api/telemetry/v2/optIn" -H "Content-Type: application/json" -H "kbn-xsrf: true" -d '{"enabled":false}'
 echo "End settings"
--- a/kibana/config/wazuh.yml
+++ b/kibana/config/wazuh.yml
@@ -0,0 +1,162 @@
 ---
 #
 # Wazuh app - App configuration file
 # Copyright (C) 2015-2021 Wazuh, Inc.
 #
 # This program is free software; you can redistribute it and/or modify
 # it under the terms of the GNU General Public License as published by
 # the Free Software Foundation; either version 2 of the License, or
 # (at your option) any later version.
 #
 # Find more information about this on the LICENSE file.
 #
 # ======================== Wazuh app configuration file ========================
 #
 # Please check the documentation for more information on configuration options:
 # https://documentation.wazuh.com/current/installation-guide/index.html
 #
 # Also, you can check our repository:
 # https://github.com/wazuh/wazuh-kibana-app
 #
 # ------------------------------- Index patterns -------------------------------
 #
 # Default index pattern to use.
 #pattern: wazuh-alerts-*
 #
 # ----------------------------------- Checks -----------------------------------
 #
 # Defines which checks must to be consider by the healthcheck
 # step once the Wazuh app starts. Values must to be true or false.
 #checks.pattern : true
 #checks.template: true
 #checks.api     : true
 #checks.setup   : true
 #checks.metaFields: true
 #
 # --------------------------------- Extensions ---------------------------------
 #
 # Defines which extensions should be activated when you add a new API entry.
 # You can change them after Wazuh app starts.
 # Values must to be true or false.
 #extensions.pci       : true
 #extensions.gdpr      : true
 #extensions.hipaa     : true
 #extensions.nist      : true
 #extensions.tsc       : true
 #extensions.audit     : true
 #extensions.oscap     : false
 #extensions.ciscat    : false
 #extensions.aws       : false
 #extensions.gcp       : false
 #extensions.virustotal: false
 #extensions.osquery   : false
 #extensions.docker    : false
 #
 # ---------------------------------- Time out ----------------------------------
 #
 # Defines maximum timeout to be used on the Wazuh app requests.
 # It will be ignored if it is bellow 1500.
 # It means milliseconds before we consider a request as failed.
 # Default: 20000
 #timeout: 20000
 #
 # -------------------------------- API selector --------------------------------
 #
 # Defines if the user is allowed to change the selected
 # API directly from the Wazuh app top menu.
 # Default: true
 #api.selector: true
 #
 # --------------------------- Index pattern selector ---------------------------
 #
 # Defines if the user is allowed to change the selected
 # index pattern directly from the Wazuh app top menu.
 # Default: true
 #ip.selector: true
 #
 # List of index patterns to be ignored
 #ip.ignore: []
 #
 # -------------------------------- X-Pack RBAC ---------------------------------
 #
 # Custom setting to enable/disable built-in X-Pack RBAC security capabilities.
 # Default: enabled
 #xpack.rbac.enabled: true
 #
 # ------------------------------ wazuh-monitoring ------------------------------
 #
 # Custom setting to enable/disable wazuh-monitoring indices.
 # Values: true, false, worker
 # If worker is given as value, the app will show the Agents status
 # visualization but won't insert data on wazuh-monitoring indices.
 # Default: true
 #wazuh.monitoring.enabled: true
 #
 # Custom setting to set the frequency for wazuh-monitoring indices cron task.
 # Default: 900 (s)
 #wazuh.monitoring.frequency: 900
 #
 # Configure wazuh-monitoring-* indices shards and replicas.
 #wazuh.monitoring.shards: 2
 #wazuh.monitoring.replicas: 0
 #
 # Configure wazuh-monitoring-* indices custom creation interval.
 # Values: h (hourly), d (daily), w (weekly), m (monthly)
 # Default: d
 #wazuh.monitoring.creation: d
 #
 # Default index pattern to use for Wazuh monitoring
 #wazuh.monitoring.pattern: wazuh-monitoring-*
 #
 # --------------------------------- wazuh-cron ----------------------------------
 #
 # Customize the index prefix of predefined jobs
 # This change is not retroactive, if you change it new indexes will be created
 # cron.prefix: test
 #
 # ------------------------------ wazuh-statistics -------------------------------
 #
 # Custom setting to enable/disable statistics tasks.
 #cron.statistics.status: true
 #
 # Enter the ID of the APIs you want to save data from, leave this empty to run
 # the task on all configured APIs
 #cron.statistics.apis: []
 #
 # Define the frequency of task execution using cron schedule expressions
 #cron.statistics.interval: 0 0 * * * *
 #
 # Define the name of the index in which the documents are to be saved.
 #cron.statistics.index.name: statistics
 #
 # Define the interval in which the index will be created
 #cron.statistics.index.creation: w
 #
 # ------------------------------- App privileges --------------------------------
 #admin: true
 #
 # ---------------------------- Hide manager alerts ------------------------------
 # Hide the alerts of the manager in all dashboards and discover
 #hideManagerAlerts: false
 #
 # ------------------------------- App logging level -----------------------------
 # Set the logging level for the Wazuh App log files.
 # Default value: info
 # Allowed values: info, debug
 #logs.level: info
 #
 # -------------------------------- Enrollment DNS -------------------------------
 # Set the variable WAZUH_REGISTRATION_SERVER in agents deployment.
 # Default value: ''
 #enrollment.dns: ''
 #
 #-------------------------------- API entries -----------------------------------
 #The following configuration is the default structure to define an API entry.
 #
 #hosts:
 #  - <id>:
 #     url: http(s)://<url>
 #     port: <port>
 #     username: <username>
 #     password: <password>
--- a/kibana/config/wazuh_app_config.sh
+++ b/kibana/config/wazuh_app_config.sh
@@ -0,0 +1,64 @@
 #!/bin/bash
 # Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2)
 wazuh_url="${WAZUH_API_URL:-https://wazuh}"
 wazuh_port="${API_PORT:-55000}"
 api_username="${API_USERNAME:-wazuh-wui}"
 api_password="${API_PASSWORD:-wazuh-wui}"
 kibana_config_file="/usr/share/kibana/data/wazuh/config/wazuh.yml"
 declare -A CONFIG_MAP=(
  [pattern]=$PATTERN
  [checks.pattern]=$CHECKS_PATTERN
  [checks.template]=$CHECKS_TEMPLATE
  [checks.api]=$CHECKS_API
  [checks.setup]=$CHECKS_SETUP
  [extensions.pci]=$EXTENSIONS_PCI
  [extensions.gdpr]=$EXTENSIONS_GDPR
  [extensions.hipaa]=$EXTENSIONS_HIPAA
  [extensions.nist]=$EXTENSIONS_NIST
  [extensions.tsc]=$EXTENSIONS_TSC
  [extensions.audit]=$EXTENSIONS_AUDIT
  [extensions.oscap]=$EXTENSIONS_OSCAP
  [extensions.ciscat]=$EXTENSIONS_CISCAT
  [extensions.aws]=$EXTENSIONS_AWS
  [extensions.gcp]=$EXTENSIONS_GCP
  [extensions.virustotal]=$EXTENSIONS_VIRUSTOTAL
  [extensions.osquery]=$EXTENSIONS_OSQUERY
  [extensions.docker]=$EXTENSIONS_DOCKER
  [timeout]=$APP_TIMEOUT
  [api.selector]=$API_SELECTOR
  [ip.selector]=$IP_SELECTOR
  [ip.ignore]=$IP_IGNORE
  [wazuh.monitoring.enabled]=$WAZUH_MONITORING_ENABLED
  [wazuh.monitoring.frequency]=$WAZUH_MONITORING_FREQUENCY
  [wazuh.monitoring.shards]=$WAZUH_MONITORING_SHARDS
  [wazuh.monitoring.replicas]=$WAZUH_MONITORING_REPLICAS
  [admin]=$ADMIN_PRIVILEGES
 )
 for i in "${!CONFIG_MAP[@]}"
 do
    if [ "${CONFIG_MAP[$i]}" != "" ]; then
        sed -i 's/.*#'"$i"'.*/'"$i"': '"${CONFIG_MAP[$i]}"'/' $kibana_config_file
    fi
 done
 CONFIG_CODE=$(curl ${auth} -s -o /dev/null -w "%{http_code}" -XGET $el_url/.wazuh/_doc/1513629884013)
 grep -q 1513629884013 $kibana_config_file
 _config_exists=$?
 if [[ "x$CONFIG_CODE" != "x200" && $_config_exists -ne 0 ]]; then
 cat << EOF >> $kibana_config_file
 hosts:
  - 1513629884013:
      url: $wazuh_url
      port: $wazuh_port
      username: $api_username
      password: $api_password
 EOF
 else
  echo "Wazuh APP already configured"
 fi
--- a/kibana/config/xpack_config.sh
+++ b/kibana/config/xpack_config.sh
@@ -0,0 +1,35 @@
 #!/bin/bash
 # Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2)
 kibana_config_file="/usr/share/kibana/config/kibana.yml"
 if grep -Fq  "#xpack features" "$kibana_config_file";
 then
  declare -A CONFIG_MAP=(
    [xpack.apm.ui.enabled]=$XPACK_APM
    [xpack.grokdebugger.enabled]=$XPACK_DEVTOOLS
    [xpack.searchprofiler.enabled]=$XPACK_DEVTOOLS
    [xpack.ml.enabled]=$XPACK_ML
    [xpack.canvas.enabled]=$XPACK_CANVAS
    [xpack.infra.enabled]=$XPACK_INFRA
    [xpack.monitoring.enabled]=$XPACK_MONITORING
    [console.enabled]=$XPACK_DEVTOOLS
  )
  for i in "${!CONFIG_MAP[@]}"
  do
    if [ "${CONFIG_MAP[$i]}" != "" ]; then
      sed -i 's/.'"$i"'.*/'"$i"': '"${CONFIG_MAP[$i]}"'/' $kibana_config_file
    fi
  done
 else
  echo "
 #xpack features
 xpack.apm.ui.enabled: $XPACK_APM
 xpack.grokdebugger.enabled: $XPACK_DEVTOOLS
 xpack.searchprofiler.enabled: $XPACK_DEVTOOLS
 xpack.ml.enabled: $XPACK_ML
 xpack.canvas.enabled: $XPACK_CANVAS
 xpack.infra.enabled: $XPACK_INFRA
 xpack.monitoring.enabled: $XPACK_MONITORING
 console.enabled: $XPACK_DEVTOOLS
 " >> $kibana_config_file
 fi
--- a/production-cluster.yml
+++ b/production-cluster.yml
@@ -1,9 +1,9 @@
-# Wazuh App Copyright (C) 2020 Wazuh Inc. (License GPLv2)
+# Wazuh App Copyright (C) 2021 Wazuh Inc. (License GPLv2)
 version: '3.7'
 services:
  wazuh-master:
-    image: wazuh/wazuh-odfe:4.0.0_1.10.1
+    image: wazuh/wazuh-odfe:4.1.1
    hostname: wazuh-master
    restart: always
    ports:
@@ -38,7 +38,7 @@ services:
      - ./production_cluster/wazuh_cluster/wazuh_manager.conf:/wazuh-config-mount/etc/ossec.conf
  wazuh-worker:
-    image: wazuh/wazuh-odfe:4.0.0_1.10.1
+    image: wazuh/wazuh-odfe:4.1.1
    hostname: wazuh-worker
    restart: always
    environment:
@@ -67,7 +67,7 @@ services:
      - ./production_cluster/wazuh_cluster/wazuh_worker.conf:/wazuh-config-mount/etc/ossec.conf
  elasticsearch:
-    image: amazon/opendistro-for-elasticsearch:1.10.1
+    image: amazon/opendistro-for-elasticsearch:1.12.0
    hostname: elasticsearch
    restart: always
    ports:
@@ -90,7 +90,7 @@ services:
      - ./production_cluster/elastic_opendistro/internal_users.yml:/usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml
  elasticsearch-2:
-    image: amazon/opendistro-for-elasticsearch:1.10.1
+    image: amazon/opendistro-for-elasticsearch:1.12.0
    hostname: elasticsearch-2
    restart: always
    environment:
@@ -111,7 +111,7 @@ services:
      - ./production_cluster/elastic_opendistro/internal_users.yml:/usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml
  elasticsearch-3:
-    image: amazon/opendistro-for-elasticsearch:1.10.1
+    image: amazon/opendistro-for-elasticsearch:1.12.0
    hostname: elasticsearch-3
    restart: always
    environment:
@@ -132,7 +132,7 @@ services:
      - ./production_cluster/elastic_opendistro/internal_users.yml:/usr/share/elasticsearch/plugins/opendistro_security/securityconfig/internal_users.yml
  kibana:
-    image: wazuh/wazuh-kibana-odfe:4.0.0_1.10.1
+    image: wazuh/wazuh-kibana-odfe:4.1.1
    hostname: kibana
    restart: always
    ports:
--- a/wazuh-odfe/Dockerfile
+++ b/wazuh-odfe/Dockerfile
@@ -1,8 +1,9 @@
-# Wazuh Docker Copyright (C) 2020 Wazuh Inc. (License GPLv2)
+# Wazuh Docker Copyright (C) 2021 Wazuh Inc. (License GPLv2)
 FROM centos:7
-ARG FILEBEAT_VERSION=7.9.1
+ARG FILEBEAT_CHANNEL=filebeat-oss
-ARG WAZUH_VERSION=4.0.0-1
+ARG FILEBEAT_VERSION=7.10.0
 ARG WAZUH_VERSION=4.1.1-1
 ARG TEMPLATE_VERSION="master"
 ARG WAZUH_FILEBEAT_MODULE="wazuh-filebeat-0.1.tar.gz"
@@ -16,12 +17,14 @@ RUN yum --enablerepo=updates clean metadata && \
  sed -i "s/^enabled=1/enabled=0/" /etc/yum.repos.d/wazuh.repo && \
  yum clean all && rm -rf /var/cache/yum
-RUN curl -L -O https://artifacts.elastic.co/downloads/beats/filebeat/filebeat-oss-${FILEBEAT_VERSION}-x86_64.rpm &&\
+RUN curl -L -O https://artifacts.elastic.co/downloads/beats/filebeat/${FILEBEAT_CHANNEL}-${FILEBEAT_VERSION}-x86_64.rpm &&\
-  rpm -i filebeat-oss-${FILEBEAT_VERSION}-x86_64.rpm && rm -f filebeat-oss-${FILEBEAT_VERSION}-x86_64.rpm
+  rpm -i ${FILEBEAT_CHANNEL}-${FILEBEAT_VERSION}-x86_64.rpm && rm -f ${FILEBEAT_CHANNEL}-${FILEBEAT_VERSION}-x86_64.rpm
 RUN curl -s https://packages.wazuh.com/4.x/filebeat/${WAZUH_FILEBEAT_MODULE} | tar -xvz -C /usr/share/filebeat/module
-ARG S6_VERSION="v2.1.0.2"
+RUN curl -L https://github.com/aelsabbahy/goss/releases/latest/download/goss-linux-amd64 -o /usr/local/bin/goss && chmod +rx /usr/local/bin/goss
 ARG S6_VERSION="v2.2.0.3"
 RUN curl --fail --silent -L https://github.com/just-containers/s6-overlay/releases/download/${S6_VERSION}/s6-overlay-amd64.tar.gz \
    -o /tmp/s6-overlay-amd64.tar.gz && \
    tar xzf /tmp/s6-overlay-amd64.tar.gz -C / --exclude="./bin" && \
--- a/wazuh-odfe/config/create_user.py
+++ b/wazuh-odfe/config/create_user.py
@@ -9,6 +9,7 @@ import os
 sys.path.append(os.path.dirname(sys.argv[0]) + "/../framework")
 USER_FILE_PATH = "/var/ossec/api/configuration/admin.json"
 SPECIAL_CHARS = "@$!%*?&-_"
 try:
@@ -39,6 +40,26 @@ def db_roles():
    roles_result = get_roles()
    return {role["name"]: role["id"] for role in roles_result.affected_items}
 def disable_user(uid):
    random_pass = "".join(
                random.choices(
                    string.ascii_uppercase
                    + string.ascii_lowercase
                    + string.digits
                    + SPECIAL_CHARS,
                    k=8,
                )
            )
    # assure there must be at least one character from each group
    random_pass = random_pass + ''.join([random.choice(chars) for chars in [string.ascii_lowercase, string.digits, string.ascii_uppercase, SPECIAL_CHARS]])
    random_pass = ''.join(random.sample(random_pass,len(random_pass)))
    update_user(
        user_id=[
            str(uid),
        ],
        password=random_pass,
    )
 if __name__ == "__main__":
    if not os.path.exists(USER_FILE_PATH):
@@ -70,21 +91,7 @@ if __name__ == "__main__":
            ],
            password=password,
        )
-    # set a random password for all other users
+    # disable unused default users
-    for name, id in initial_users.items():
+    for def_user in ['wazuh', 'wazuh-wui']:
-        if name != username:
+        if def_user != username:
-            random_pass = "".join(
+            disable_user(initial_users[def_user])
                random.choices(
                    string.ascii_uppercase
                    + string.ascii_lowercase
                    + string.digits
                    + "@$!%*?&-_",
                    k=16,
                )
            )
            update_user(
                user_id=[
                    str(id),
                ],
                password=random_pass,
            )
--- a/wazuh-odfe/config/etc/cont-init.d/0-wazuh-init
+++ b/wazuh-odfe/config/etc/cont-init.d/0-wazuh-init
@@ -1,5 +1,5 @@
 #!/usr/bin/with-contenv bash
-# Wazuh App Copyright (C) 2020 Wazuh Inc. (License GPLv2)
+# Wazuh App Copyright (C) 2021 Wazuh Inc. (License GPLv2)
 # Variables
 source /permanent_data.env
--- a/wazuh-odfe/config/etc/cont-init.d/1-config-filebeat
+++ b/wazuh-odfe/config/etc/cont-init.d/1-config-filebeat
@@ -1,5 +1,5 @@
 #!/usr/bin/with-contenv bash
-# Wazuh App Copyright (C) 2020 Wazuh Inc. (License GPLv2)
+# Wazuh App Copyright (C) 2021 Wazuh Inc. (License GPLv2)
 set -e
--- a/wazuh-odfe/config/etc/cont-init.d/2-manager
+++ b/wazuh-odfe/config/etc/cont-init.d/2-manager
@@ -102,6 +102,16 @@ EOF
  fi
 }
 function_entrypoint_scripts() {
  # It will run every .sh script located in entrypoint-scripts folder in lexicographical order
  if [ -d "/entrypoint-scripts/" ]
  then
    for script in `ls /entrypoint-scripts/*.sh | sort -n`; do
      bash "$script"
    done
  fi
 }
 # Migrate data from /wazuh-migration volume
 function_wazuh_migration
@@ -109,5 +119,8 @@ function_wazuh_migration
 # create API custom user
 function_create_custom_user
 # run entrypoint scripts
 function_entrypoint_scripts
 # Start Wazuh
 /var/ossec/bin/ossec-control start
--- a/wazuh-odfe/config/etc/services.d/ossec-logs/run
+++ b/wazuh-odfe/config/etc/services.d/ossec-logs/run
@@ -0,0 +1,4 @@
 #!/usr/bin/with-contenv sh
 # dumping ossec.log to standard output
 exec tail -f /var/ossec/logs/ossec.log
--- a/wazuh-odfe/config/permanent_data.sh
+++ b/wazuh-odfe/config/permanent_data.sh
@@ -1,5 +1,5 @@
 #!/bin/bash
-# Wazuh App Copyright (C) 2020 Wazuh Inc. (License GPLv2)
+# Wazuh App Copyright (C) 2021 Wazuh Inc. (License GPLv2)
 # Variables
 source /permanent_data.env
--- a/xpack-compose.yml
+++ b/xpack-compose.yml
@@ -0,0 +1,186 @@
 # Wazuh App Copyright (C) 2021 Wazuh Inc. (License GPLv2)
 version: '3.7'
 services:
  wazuh:
    image: wazuh/wazuh:4.1.1
    hostname: wazuh-manager
    restart: always
    ports:
      - "1514:1514"
      - "1515:1515"
      - "514:514/udp"
      - "55000:55000"
    environment:
      - ELASTICSEARCH_URL=https://elasticsearch:9200
      - ELASTIC_USERNAME=elastic
      - ELASTIC_PASSWORD=SecretPassword
      - FILEBEAT_SSL_VERIFICATION_MODE=none
      - SSL_CERTIFICATE_AUTHORITIES=/etc/ssl/ca.crt
      - SSL_CERTIFICATE=/etc/ssl/wazuh.crt
      - SSL_KEY=/etc/ssl/wazuh.key
    volumes:
      - ossec_api_configuration:/var/ossec/api/configuration
      - ossec_etc:/var/ossec/etc
      - ossec_logs:/var/ossec/logs
      - ossec_queue:/var/ossec/queue
      - ossec_var_multigroups:/var/ossec/var/multigroups
      - ossec_integrations:/var/ossec/integrations
      - ossec_active_response:/var/ossec/active-response/bin
      - ossec_agentless:/var/ossec/agentless
      - ossec_wodles:/var/ossec/wodles
      - filebeat_etc:/etc/filebeat
      - filebeat_var:/var/lib/filebeat
      - ./xpack/ca/ca.crt:/etc/ssl/ca.crt
      - ./xpack/wazuh/wazuh.crt:/etc/ssl/wazuh.crt
      - ./xpack/wazuh/wazuh.key:/etc/ssl/wazuh.key
  elasticsearch:
    image: docker.elastic.co/elasticsearch/elasticsearch:7.10.2
    hostname: elasticsearch
    restart: always
    ports:
      - "9200:9200"
    environment:
      - cluster.name=wazuh-cluster
      - node.name=elasticsearch
      - discovery.seed_hosts=elasticsearch,elasticsearch2,elasticsearch3
      - cluster.initial_master_nodes=elasticsearch,elasticsearch2,elasticsearch3
      - ELASTIC_PASSWORD=SecretPassword
      - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
      - bootstrap.memory_lock=true
      - xpack.license.self_generated.type=basic
      - xpack.security.enabled=true
      - xpack.security.http.ssl.enabled=true
      - xpack.security.http.ssl.certificate_authorities=/usr/share/elasticsearch/config/ca.crt
      - xpack.security.http.ssl.key=/usr/share/elasticsearch/config/elasticsearch.key
      - xpack.security.http.ssl.certificate=/usr/share/elasticsearch/config/elasticsearch.crt
      - xpack.security.transport.ssl.enabled=true
      - xpack.security.transport.ssl.verification_mode=certificate
      - xpack.security.transport.ssl.certificate_authorities=/usr/share/elasticsearch/config/ca.crt
      - xpack.security.transport.ssl.key=/usr/share/elasticsearch/config/elasticsearch.key
      - xpack.security.transport.ssl.certificate=/usr/share/elasticsearch/config/elasticsearch.crt
    ulimits:
      memlock:
        soft: -1
        hard: -1
      nofile:
        soft: 65536
        hard: 65536
    volumes:
      - ./xpack/ca/ca.crt:/usr/share/elasticsearch/config/ca.crt
      - ./xpack/elasticsearch/elasticsearch.key:/usr/share/elasticsearch/config/elasticsearch.key
      - ./xpack/elasticsearch/elasticsearch.crt:/usr/share/elasticsearch/config/elasticsearch.crt
  elasticsearch2:
    image: docker.elastic.co/elasticsearch/elasticsearch:7.10.2
    hostname: elasticsearch2
    restart: always
    environment:
      - cluster.name=wazuh-cluster
      - node.name=elasticsearch2
      - discovery.seed_hosts=elasticsearch,elasticsearch2,elasticsearch3
      - cluster.initial_master_nodes=elasticsearch,elasticsearch2,elasticsearch3
      - ELASTIC_PASSWORD=SecretPassword
      - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
      - bootstrap.memory_lock=true
      - xpack.license.self_generated.type=basic
      - xpack.security.enabled=true
      - xpack.security.http.ssl.enabled=true
      - xpack.security.http.ssl.certificate_authorities=/usr/share/elasticsearch/config/ca.crt
      - xpack.security.http.ssl.key=/usr/share/elasticsearch/config/elasticsearch.key
      - xpack.security.http.ssl.certificate=/usr/share/elasticsearch/config/elasticsearch.crt
      - xpack.security.transport.ssl.enabled=true
      - xpack.security.transport.ssl.verification_mode=certificate
      - xpack.security.transport.ssl.certificate_authorities=/usr/share/elasticsearch/config/ca.crt
      - xpack.security.transport.ssl.key=/usr/share/elasticsearch/config/elasticsearch.key
      - xpack.security.transport.ssl.certificate=/usr/share/elasticsearch/config/elasticsearch.crt
    ulimits:
      memlock:
        soft: -1
        hard: -1
      nofile:
        soft: 65536
        hard: 65536
    volumes:
      - ./xpack/ca/ca.crt:/usr/share/elasticsearch/config/ca.crt
      - ./xpack/elasticsearch2/elasticsearch2.key:/usr/share/elasticsearch/config/elasticsearch.key
      - ./xpack/elasticsearch2/elasticsearch2.crt:/usr/share/elasticsearch/config/elasticsearch.crt
  elasticsearch3:
    image: docker.elastic.co/elasticsearch/elasticsearch:7.10.2
    hostname: elasticsearch3
    restart: always
    environment:
      - cluster.name=wazuh-cluster
      - node.name=elasticsearch3
      - discovery.seed_hosts=elasticsearch,elasticsearch2,elasticsearch3
      - cluster.initial_master_nodes=elasticsearch,elasticsearch2,elasticsearch3
      - ELASTIC_PASSWORD=SecretPassword
      - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
      - bootstrap.memory_lock=true
      - xpack.license.self_generated.type=basic
      - xpack.security.enabled=true
      - xpack.security.http.ssl.enabled=true
      - xpack.security.http.ssl.certificate_authorities=/usr/share/elasticsearch/config/ca.crt
      - xpack.security.http.ssl.key=/usr/share/elasticsearch/config/elasticsearch.key
      - xpack.security.http.ssl.certificate=/usr/share/elasticsearch/config/elasticsearch.crt
      - xpack.security.transport.ssl.enabled=true
      - xpack.security.transport.ssl.verification_mode=certificate
      - xpack.security.transport.ssl.certificate_authorities=/usr/share/elasticsearch/config/ca.crt
      - xpack.security.transport.ssl.key=/usr/share/elasticsearch/config/elasticsearch.key
      - xpack.security.transport.ssl.certificate=/usr/share/elasticsearch/config/elasticsearch.crt
    ulimits:
      memlock:
        soft: -1
        hard: -1
      nofile:
        soft: 65536
        hard: 65536
    volumes:
      - ./xpack/ca/ca.crt:/usr/share/elasticsearch/config/ca.crt
      - ./xpack/elasticsearch3/elasticsearch3.key:/usr/share/elasticsearch/config/elasticsearch.key
      - ./xpack/elasticsearch3/elasticsearch3.crt:/usr/share/elasticsearch/config/elasticsearch.crt
  kibana:
    image: wazuh/wazuh-kibana:4.1.1
    hostname: kibana
    restart: always
    ports:
      - 443:5601
    environment:
      - SERVERNAME=localhost
      - ELASTICSEARCH_USERNAME=elastic
      - ELASTICSEARCH_PASSWORD=SecretPassword
      - ELASTICSEARCH_URL=https://elasticsearch:9200
      - ELASTICSEARCH_HOSTS=https://elasticsearch:9200
      - ELASTICSEARCH_SSL_CERTIFICATEAUTHORITIES=/usr/share/kibana/config/ca.crt
      - SERVER_SSL_ENABLED=true
      - XPACK_SECURITY_ENABLED=true
      - SERVER_SSL_KEY=/usr/share/kibana/config/kibana.key
      - SERVER_SSL_CERTIFICATE=/usr/share/kibana/config/kibana.crt
    volumes:
      - ./xpack/ca/ca.crt:/usr/share/kibana/config/ca.crt
      - ./xpack/kibana/kibana.key:/usr/share/kibana/config/kibana.key
      - ./xpack/kibana/kibana.crt:/usr/share/kibana/config/kibana.crt
    depends_on:
      - elasticsearch
    links:
      - elasticsearch:elasticsearch
      - wazuh:wazuh
 volumes:
  ossec_api_configuration:
  ossec_etc:
  ossec_logs:
  ossec_queue:
  ossec_var_multigroups:
  ossec_integrations:
  ossec_active_response:
  ossec_agentless:
  ossec_wodles:
  filebeat_etc:
  filebeat_var:
--- a/xpack-from-sources.yml
+++ b/xpack-from-sources.yml
@@ -0,0 +1,192 @@
 # Wazuh App Copyright (C) 2021 Wazuh Inc. (License GPLv2)
 version: '3.7'
 services:
  wazuh:
    build:
      context: wazuh-odfe/
      args:
        - FILEBEAT_CHANNEL=filebeat
        - FILEBEAT_VERSION=7.10.2
    image: wazuh/wazuh:4.1.1
    hostname: wazuh-manager
    restart: always
    ports:
      - "1514:1514"
      - "1515:1515"
      - "514:514/udp"
      - "55000:55000"
    environment:
      - ELASTICSEARCH_URL=https://elasticsearch:9200
      - ELASTIC_USERNAME=elastic
      - ELASTIC_PASSWORD=SecretPassword
      - FILEBEAT_SSL_VERIFICATION_MODE=none
      - SSL_CERTIFICATE_AUTHORITIES=/etc/ssl/ca.crt
      - SSL_CERTIFICATE=/etc/ssl/wazuh.crt
      - SSL_KEY=/etc/ssl/wazuh.key
    volumes:
      - ossec_api_configuration:/var/ossec/api/configuration
      - ossec_etc:/var/ossec/etc
      - ossec_logs:/var/ossec/logs
      - ossec_queue:/var/ossec/queue
      - ossec_var_multigroups:/var/ossec/var/multigroups
      - ossec_integrations:/var/ossec/integrations
      - ossec_active_response:/var/ossec/active-response/bin
      - ossec_agentless:/var/ossec/agentless
      - ossec_wodles:/var/ossec/wodles
      - filebeat_etc:/etc/filebeat
      - filebeat_var:/var/lib/filebeat
      - ./xpack/ca/ca.crt:/etc/ssl/ca.crt
      - ./xpack/wazuh/wazuh.crt:/etc/ssl/wazuh.crt
      - ./xpack/wazuh/wazuh.key:/etc/ssl/wazuh.key
  elasticsearch:
    image: docker.elastic.co/elasticsearch/elasticsearch:7.10.2
    hostname: elasticsearch
    restart: always
    ports:
      - "9200:9200"
    environment:
      - cluster.name=wazuh-cluster
      - node.name=elasticsearch
      - discovery.seed_hosts=elasticsearch,elasticsearch2,elasticsearch3
      - cluster.initial_master_nodes=elasticsearch,elasticsearch2,elasticsearch3
      - ELASTIC_PASSWORD=SecretPassword
      - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
      - bootstrap.memory_lock=true
      - xpack.license.self_generated.type=basic
      - xpack.security.enabled=true
      - xpack.security.http.ssl.enabled=true
      - xpack.security.http.ssl.certificate_authorities=/usr/share/elasticsearch/config/ca.crt
      - xpack.security.http.ssl.key=/usr/share/elasticsearch/config/elasticsearch.key
      - xpack.security.http.ssl.certificate=/usr/share/elasticsearch/config/elasticsearch.crt
      - xpack.security.transport.ssl.enabled=true
      - xpack.security.transport.ssl.verification_mode=certificate
      - xpack.security.transport.ssl.certificate_authorities=/usr/share/elasticsearch/config/ca.crt
      - xpack.security.transport.ssl.key=/usr/share/elasticsearch/config/elasticsearch.key
      - xpack.security.transport.ssl.certificate=/usr/share/elasticsearch/config/elasticsearch.crt
    ulimits:
      memlock:
        soft: -1
        hard: -1
      nofile:
        soft: 65536
        hard: 65536
    volumes:
      - ./xpack/ca/ca.crt:/usr/share/elasticsearch/config/ca.crt
      - ./xpack/elasticsearch/elasticsearch.key:/usr/share/elasticsearch/config/elasticsearch.key
      - ./xpack/elasticsearch/elasticsearch.crt:/usr/share/elasticsearch/config/elasticsearch.crt
  elasticsearch2:
    image: docker.elastic.co/elasticsearch/elasticsearch:7.10.2
    hostname: elasticsearch2
    restart: always
    environment:
      - cluster.name=wazuh-cluster
      - node.name=elasticsearch2
      - discovery.seed_hosts=elasticsearch,elasticsearch2,elasticsearch3
      - cluster.initial_master_nodes=elasticsearch,elasticsearch2,elasticsearch3
      - ELASTIC_PASSWORD=SecretPassword
      - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
      - bootstrap.memory_lock=true
      - xpack.license.self_generated.type=basic
      - xpack.security.enabled=true
      - xpack.security.http.ssl.enabled=true
      - xpack.security.http.ssl.certificate_authorities=/usr/share/elasticsearch/config/ca.crt
      - xpack.security.http.ssl.key=/usr/share/elasticsearch/config/elasticsearch.key
      - xpack.security.http.ssl.certificate=/usr/share/elasticsearch/config/elasticsearch.crt
      - xpack.security.transport.ssl.enabled=true
      - xpack.security.transport.ssl.verification_mode=certificate
      - xpack.security.transport.ssl.certificate_authorities=/usr/share/elasticsearch/config/ca.crt
      - xpack.security.transport.ssl.key=/usr/share/elasticsearch/config/elasticsearch.key
      - xpack.security.transport.ssl.certificate=/usr/share/elasticsearch/config/elasticsearch.crt
    ulimits:
      memlock:
        soft: -1
        hard: -1
      nofile:
        soft: 65536
        hard: 65536
    volumes:
      - ./xpack/ca/ca.crt:/usr/share/elasticsearch/config/ca.crt
      - ./xpack/elasticsearch2/elasticsearch2.key:/usr/share/elasticsearch/config/elasticsearch.key
      - ./xpack/elasticsearch2/elasticsearch2.crt:/usr/share/elasticsearch/config/elasticsearch.crt
  elasticsearch3:
    image: docker.elastic.co/elasticsearch/elasticsearch:7.10.2
    hostname: elasticsearch3
    restart: always
    environment:
      - cluster.name=wazuh-cluster
      - node.name=elasticsearch3
      - discovery.seed_hosts=elasticsearch,elasticsearch2,elasticsearch3
      - cluster.initial_master_nodes=elasticsearch,elasticsearch2,elasticsearch3
      - ELASTIC_PASSWORD=SecretPassword
      - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
      - bootstrap.memory_lock=true
      - xpack.license.self_generated.type=basic
      - xpack.security.enabled=true
      - xpack.security.http.ssl.enabled=true
      - xpack.security.http.ssl.certificate_authorities=/usr/share/elasticsearch/config/ca.crt
      - xpack.security.http.ssl.key=/usr/share/elasticsearch/config/elasticsearch.key
      - xpack.security.http.ssl.certificate=/usr/share/elasticsearch/config/elasticsearch.crt
      - xpack.security.transport.ssl.enabled=true
      - xpack.security.transport.ssl.verification_mode=certificate
      - xpack.security.transport.ssl.certificate_authorities=/usr/share/elasticsearch/config/ca.crt
      - xpack.security.transport.ssl.key=/usr/share/elasticsearch/config/elasticsearch.key
      - xpack.security.transport.ssl.certificate=/usr/share/elasticsearch/config/elasticsearch.crt
    ulimits:
      memlock:
        soft: -1
        hard: -1
      nofile:
        soft: 65536
        hard: 65536
    volumes:
      - ./xpack/ca/ca.crt:/usr/share/elasticsearch/config/ca.crt
      - ./xpack/elasticsearch3/elasticsearch3.key:/usr/share/elasticsearch/config/elasticsearch.key
      - ./xpack/elasticsearch3/elasticsearch3.crt:/usr/share/elasticsearch/config/elasticsearch.crt
  kibana:
    build: kibana/
    image: wazuh/wazuh-kibana:4.1.1
    hostname: kibana
    restart: always
    ports:
      - 443:5601
    environment:
      - SERVERNAME=localhost
      - ELASTICSEARCH_USERNAME=elastic
      - ELASTICSEARCH_PASSWORD=SecretPassword
      - ELASTICSEARCH_URL=https://elasticsearch:9200
      - ELASTICSEARCH_HOSTS=https://elasticsearch:9200
      - ELASTICSEARCH_SSL_CERTIFICATEAUTHORITIES=/usr/share/kibana/config/ca.crt
      - SERVER_SSL_ENABLED=true
      - XPACK_SECURITY_ENABLED=true
      - SERVER_SSL_KEY=/usr/share/kibana/config/kibana.key
      - SERVER_SSL_CERTIFICATE=/usr/share/kibana/config/kibana.crt
    volumes:
      - ./xpack/ca/ca.crt:/usr/share/kibana/config/ca.crt
      - ./xpack/kibana/kibana.key:/usr/share/kibana/config/kibana.key
      - ./xpack/kibana/kibana.crt:/usr/share/kibana/config/kibana.crt
    depends_on:
      - elasticsearch
    links:
      - elasticsearch:elasticsearch
      - wazuh:wazuh
 volumes:
  ossec_api_configuration:
  ossec_etc:
  ossec_logs:
  ossec_queue:
  ossec_var_multigroups:
  ossec_integrations:
  ossec_active_response:
  ossec_agentless:
  ossec_wodles:
  filebeat_etc:
  filebeat_var:
--- a/xpack/instances.yml
+++ b/xpack/instances.yml
@@ -0,0 +1,35 @@
 instances:
  - name: elasticsearch
    dns:
      - elasticsearch
      - localhost
    ip:
      - 127.0.0.1
  - name: elasticsearch2
    dns:
      - elasticsearch2
      - localhost
    ip:
      - 127.0.0.1
  - name: elasticsearch3
    dns:
      - elasticsearch3
      - localhost
    ip:
      - 127.0.0.1
  - name: kibana
    dns:
      - kibana
      - localhost
    ip:
      - 127.0.0.1
  - name: wazuh
    dns:
      - wazuh
      - localhost
    ip:
      - 127.0.0.1
Author	SHA1	Message	Date
Alberto Rodríguez	110f30148e	Merge pull request #445 from wazuh/release-wazuh_4.1.1 Bump to 4.1.1	2021-02-25 17:50:03 +01:00
Manuel Gutierrez	b5db817ecc	Bump to 4.1.1	2021-02-22 12:31:59 +01:00
Manuel Gutierrez	b36f24a128	Merge pull request #442 from wazuh/release-wazuh_4.1.0 Release wazuh 4.1.0	2021-02-17 17:55:24 +01:00
Manuel Gutierrez	5da9c5dd1f	Add xpack-from-sources	2021-02-17 17:54:09 +01:00
Manuel Gutierrez	4eb80c83b0	Update kibana xpack paths	2021-02-17 17:45:05 +01:00
Manuel Gutierrez	68c41bd64c	Fix curl ssl check	2021-02-17 17:40:19 +01:00
Manuel Gutierrez	41f2397725	Fix elastic version	2021-02-17 16:39:44 +01:00
Manuel Gutierrez	5673a9115c	Fix changelog	2021-02-17 16:31:49 +01:00
Manuel Gutierrez	f019658c86	Bump images on prod cluster	2021-02-17 15:51:45 +01:00
Manuel Gutierrez	eb944445be	Update changelog	2021-02-17 15:41:47 +01:00
Manuel Gutierrez	fe3b9335c1	Update xpack compose	2021-02-17 14:54:04 +01:00
Manuel Gutierrez	771e4e3988	Update Goss tests	2021-02-17 14:53:52 +01:00
Manuel Gutierrez	6f60a87b46	Bump odfe images	2021-02-17 14:44:09 +01:00
Manuel Gutierrez	201e750f2c	Bump xpack images	2021-02-17 14:43:59 +01:00
Manuel Gutierrez	7e75b29a0f	Update paths	2021-02-17 14:07:55 +01:00
Manuel Gutierrez	1c512ae437	Bump versions and update path	2021-02-16 17:19:08 +01:00
Manuel Gutierrez	7cc89ffdb1	Bump versions	2021-02-16 17:17:54 +01:00
Manuel Gutierrez	e3d1aa16d0	Update compatibility matrix	2021-02-16 17:16:55 +01:00
Manuel Gutierrez	b7afcf7646	Bump odfe version	2021-02-16 17:09:28 +01:00
Manuel Gutierrez	b290efb376	Update version	2021-02-16 17:09:09 +01:00
Manuel Gutierrez	8dd9bc0421	Merge pull request #441 from wazuh/add-goss-binary Add goss binary for health checks	2021-02-16 11:30:31 +01:00
Manuel Gutierrez	64db5f9067	Add goss binary for health checks	2021-02-15 18:02:24 +01:00
Manuel Gutierrez	5313c60a06	Merge pull request #409 from wazuh/feature-xpack-4.0 Add images compatible with xpack	2021-02-05 18:10:44 +01:00
Manuel Gutierrez	ca11769d4f	Remove dev tag from version	2021-02-05 16:13:48 +01:00
Manuel Gutierrez	1cc88b3097	Rename cert generator container name	2021-02-04 18:33:04 +01:00
Manuel Gutierrez	e20fb6e728	Add generate-elasticsearch-certs.yml and instances.yml	2021-02-04 18:26:04 +01:00
Manuel Gutierrez	d84631761a	Update xpack-compose	2021-02-04 18:25:39 +01:00
Manuel Gutierrez	08ac53fee9	Merge pull request #435 from wazuh/433-entrypoint-scripts Re-enable entrypoint scripts	2021-02-03 14:02:01 +01:00
Manuel Gutierrez	f4c484e887	Re-enable entrypoint scripts	2021-02-03 11:32:07 +01:00
Manuel Gutierrez	7a99967144	Remove kibana_ip	2021-02-02 19:00:06 +01:00
Manuel Gutierrez	cd7d882261	Use kibana_proto	2021-02-02 18:59:46 +01:00
Manuel Gutierrez	217be9a075	Fix curl auth params	2021-02-02 18:57:16 +01:00
Manuel Gutierrez	e683a68cb4	Bump copyright	2021-01-29 13:13:29 +01:00
Manuel Gutierrez	59b55c6d5c	Bump to 4.0.4	2021-01-29 13:13:10 +01:00
Manuel Gutierrez	0d5d167a5d	Add sample compose for xpack variant	2021-01-26 15:29:34 +01:00
Manuel Gutierrez	13ad837787	Remove duplicated xpack_config exec	2021-01-26 15:29:34 +01:00
Manuel Gutierrez	0ce9aa9991	Set Wazuh app as default route	2021-01-26 15:29:34 +01:00
Manuel Gutierrez	d2c91ff90a	Remove useless ARG	2021-01-26 15:29:34 +01:00
Manuel Gutierrez	c3943a1523	Backport kibana-xpack image to v4	2021-01-26 15:29:34 +01:00
Manuel Gutierrez	6c9506aa9a	Use an ARG to select filebeat channel	2021-01-26 15:29:32 +01:00
Manuel Gutierrez	68256252c7	Merge pull request #432 from wazuh/bump-s6-overlay Bump s6-overlay version	2021-01-25 10:14:29 +01:00
Manuel Gutierrez	c8184b9145	Bump s6-overlay version	2021-01-22 17:53:43 +01:00
Manuel Gutierrez	e2e96c5ba1	Merge pull request #426 from wazuh/release-wazuh_4.0.4 Release wazuh 4.0.4	2021-01-15 17:53:02 +01:00
Manuel Gutierrez	3a5500e3ff	Add link to changelog	2021-01-15 15:29:43 +01:00
Manuel Gutierrez	8dea8fb25b	Bump goss test	2021-01-15 09:58:05 +01:00
Manuel Gutierrez	cfb11720ea	Bump year	2021-01-11 13:05:17 +01:00
Manuel Gutierrez	f41d0f876f	Bump versions	2021-01-11 11:59:12 +01:00
Manuel Gutierrez	56d8c4eaf3	Merge pull request #424 from wazuh/feature-goss-tests Implement image validation with Goss	2021-01-08 09:09:25 +01:00
Manuel Gutierrez	9dc8e256c6	Add tests for Kibana customizations	2021-01-07 16:44:18 +01:00
Manuel Gutierrez	3a028ae547	Execute tests for kibana image	2021-01-07 16:11:49 +01:00
Manuel Gutierrez	309fa27bc2	Add Goss tests for Kibana image	2021-01-07 16:10:24 +01:00
Manuel Gutierrez	a0e7553aa5	Port all tests from Ansible repo	2021-01-07 13:36:55 +01:00
Manuel Gutierrez	5e5f13c1ff	Include GOSS_SLEEP	2020-12-18 18:27:47 +01:00
Manuel Gutierrez	4955c0d5bc	Fix yaml syntax	2020-12-18 18:18:35 +01:00
Manuel Gutierrez	0ed25bab2d	Add Goss Actions	2020-12-18 18:15:11 +01:00
Manuel Gutierrez	dfa19bc348	Add goss verifications	2020-12-18 18:14:38 +01:00
Manuel Gutierrez	3f53a0c174	Update compatibility matrix	2020-11-30 17:22:17 +01:00
Manuel Gutierrez	a8c7fcc67f	Merge pull request #414 from wazuh/release-wazuh_4.0.3 Bump to 4.0.3 version	2020-11-30 17:15:00 +01:00
Manuel Gutierrez	b41c1cf290	Bump to 4.0.3 version	2020-11-30 16:53:20 +01:00
Manuel Gutierrez	68719ac891	Merge pull request #407 from wazuh/release-wazuh_4.0.2 Release wazuh 4.0.2	2020-11-25 15:54:07 +01:00
Manuel Gutierrez	5d32069193	Bump images	2020-11-25 15:12:18 +01:00
Manuel Gutierrez	325b588cbb	Build from sources when testing on Github Actions	2020-11-23 18:10:27 +01:00
Manuel Gutierrez	c6f0c888bb	Bump images to 4.0.2	2020-11-23 18:09:10 +01:00
Manuel Gutierrez	a3945b5491	Update version	2020-11-20 18:12:05 +01:00
Manuel Gutierrez	db0adb9ee1	Update changelog	2020-11-20 18:11:56 +01:00
Manuel Gutierrez	900bd57219	Update matrix	2020-11-20 18:11:42 +01:00
Manuel Gutierrez	1138b3a7f4	Bump wazuh versions	2020-11-20 18:10:22 +01:00
Manuel J. Bernal	752b139329	Merge pull request #405 from wazuh/release-wazuh_4.0.1 Release wazuh 4.0.1	2020-11-19 18:46:24 +01:00
Manuel Gutierrez	fa4815e51a	Update images	2020-11-19 18:13:41 +01:00
Manuel Gutierrez	6e0b3703d6	Update version	2020-11-19 18:12:13 +01:00
Manuel Gutierrez	47e69367e9	Update changelog	2020-11-19 18:11:32 +01:00
Manuel Gutierrez	1d34d7db27	Dump ossec.log to stdout	2020-11-19 17:58:07 +01:00
Manuel Gutierrez	f6c0432bc9	Bump wazuh image	2020-11-19 17:09:18 +01:00
Manuel Gutierrez	353c64ba24	Bump kibana image	2020-11-19 17:09:03 +01:00
Manuel Gutierrez	a680c955bc	Update matrix	2020-11-19 17:08:42 +01:00
Manuel Gutierrez	1b4818c078	Clean old conf	2020-11-19 17:08:25 +01:00
Manuel J. Bernal	3552e995c8	Merge pull request #403 from wazuh/fix-random-passwords Fix password change and refactor disable user into function	2020-11-17 18:38:21 +01:00
Manuel Gutierrez	ddedb606f2	Fix pass change and refactor disable user into function	2020-11-17 18:27:49 +01:00
Manuel Gutierrez	6c6c13b123	Merge pull request #399 from wazuh/fix-default-api-user Set wazuh-wui as default user for the app	2020-11-11 11:46:47 +01:00
Manuel Gutierrez	b76a033a97	Set wazuh-wui as default user for the app	2020-10-29 15:36:55 +01:00
Manuel Gutierrez	581871d5bc	Merge branch '4.0' into master	2020-10-23 20:01:45 +02:00
Manuel J. Bernal	c3d89f89dd	Merge pull request #393 from 1stOfHisGame/inject_wazuh_cluster_key Updating Wazuh cluster key dynamically	2020-10-05 21:58:50 +02:00
rushabh	c78520b135	UPDATE: dynamically replace wazuh cluster key	2020-10-05 01:44:14 +05:30
Manuel J. Bernal	3e63de99a8	Merge pull request #391 from motilevy/patch-1 fix max file descriptors error on docker-compse	2020-10-02 16:47:31 +02:00
motilevy	37d96b5214	fix max file descriptors error on docker-compse When using the docker-compose file, elasticsearch fails to start with the following error: ``` elasticsearch_1 \| [1]: max file descriptors [4096] for elasticsearch process is too low, increase to at least [65535] ``` Adding ``` nofile: soft: 65536 hard: 65536 ``` to the elasticsearch ulimit section fixes the issue.	2020-09-30 17:44:49 -04:00
manuasir	8c9945c111	Fetch github actions build test	2020-09-21 20:05:58 +02:00
Manuel J. Bernal	925521d352	Merge pull request #383 from wazuh/release-3.13.2_7.9.1 Release 3.13.2 7.9.1	2020-09-21 19:59:51 +02:00
Manuel Gutierrez	2028d866a1	Fix typo on PR link	2020-09-18 15:10:58 +02:00
Manuel Gutierrez	4e098924e0	Update CHANGELOG	2020-09-18 15:03:03 +02:00
Manuel Gutierrez	7f98075326	Bump versions to 3.13.2_7.9.1	2020-09-18 15:02:47 +02:00
Manuel J. Bernal	e9fec0e497	Merge pull request #378 from wazuh/fix-filebeat-installation Fix filebeat installation	2020-09-03 21:08:24 +02:00
Manuel Gutierrez	7042854bfa	Pin phusion/baseimage to v0.10.2	2020-09-02 17:56:13 +02:00
Manuel Gutierrez	b63c294288	Move filebeat installation to the build stage	2020-09-02 17:55:18 +02:00
Manuel J. Bernal	9df61de961	Merge pull request #377 from wazuh/bugfix-port-80-redirects Bugfix port 80 redirects	2020-09-02 17:05:58 +02:00
Manuel Gutierrez	86ff04c0b3	Omit port on ssl config	2020-09-02 14:24:59 +02:00
Manuel Gutierrez	0992111200	Allow any other ports on nginx config	2020-09-02 14:24:40 +02:00
chowmean	a1a27922de	adding blocks for port 80 and 443 to fix bug for redirects	2020-09-02 14:00:57 +02:00
Manuel Gutierrez	eba6bc6752	Merge pull request #372 from jfut/cluster-network-host Add CLUSTER_NETWORK_HOST environment variable to configure network.host	2020-09-02 13:44:27 +02:00
Jun Futagawa	2df878f040	Add CLUSTER_NETWORK_HOST environment variable to configure network.host If CLUSTER_NETWORK_HOST is not set, then 0.0.0.0.0 is used.	2020-08-22 12:10:35 +09:00
manuasir	6f039f1de9	Changed job name	2020-07-30 00:16:02 +02:00
manuasir	ebd416615e	Modified run command for docker-compose build	2020-07-30 00:05:27 +02:00
manuasir	a00d16afcd	WIP CI: testing docker-compose build	2020-07-30 00:02:07 +02:00
manuasir	6f2bf0cb3f	Merge branch 'master' into feature-github-actions	2020-07-29 23:27:32 +02:00
Manuel J. Bernal	4acc3b402b	Merge pull request #362 from wazuh/wazuh_release_3.13.1_7.8.0 Wazuh release v3.13.1_7.8.0	2020-07-14 20:45:00 +02:00
Manuel J. Bernal	eba4fdf8eb	Bump docker-compose version	2020-07-14 19:18:31 +02:00
manuasir	1f825c13be	Bump version	2020-07-14 19:15:07 +02:00
Manuel J. Bernal	3cfa63fc2e	Merge pull request #358 from wazuh/release-wazuh_3.13.0_7.7.1 Release wazuh 3.13.0_7.7.1	2020-06-23 16:04:21 +02:00
Manuel Gutierrez	77b163bf10	Check if xpack is enabled	2020-06-23 14:31:18 +02:00
Manuel Gutierrez	2921d67de1	Bump versions to 3.13.0_7.7.1	2020-06-23 12:43:40 +02:00
Manuel J. Bernal	edb1c69294	Merge pull request #356 from wazuh/bugfix-355-http-auth-curl Add HTTP auth to curl when required	2020-06-18 18:42:27 +02:00
Manuel Gutierrez	9536ff5963	Add HTTP auth to curl if required	2020-06-18 18:27:48 +02:00
Jose M. Garcia	146dbff787	Merge pull request #350 from wazuh/bugfix-349-agentless-monitoring Save agentless state	2020-06-08 08:49:27 +02:00
Manuel Gutierrez	489bd01f36	Set 750 permissions for agentless dir	2020-06-01 12:52:06 +02:00
Manuel Gutierrez	54c5c643da	Save agentless state	2020-06-01 12:22:02 +02:00
Manuel J. Bernal	63880eab51	WIP: test build execution	2020-05-04 15:27:05 +02:00
Manuel J. Bernal	fa55036943	Added parameter to build	2020-05-04 15:25:39 +02:00
Manuel J. Bernal	6dab191255	First GitHub action test	2020-05-04 15:23:48 +02:00
Manuel J. Bernal	7e9abfab60	Merge pull request #340 from wazuh/release-wazuh_3.12.3_7.6.2 Release Wazuh 3.12.3_7.6.2	2020-04-30 15:08:43 +02:00
Manuel Gutierrez	183519e2d5	Bump versions to 3.12.3_7.6.2	2020-04-30 14:44:16 +02:00
Manuel Gutierrez	75e7f3df62	Merge pull request #327 from wazuh/release-wazuh_3.12.2_7.6.2 Release wazuh 3.12.2_7.6.2	2020-04-13 16:01:10 +02:00
Manuel Gutierrez	99ddc15cf6	Bump versions to 3.12.2_7.6.2	2020-04-13 09:41:48 +02:00
Manuel J. Bernal	c0a503bc81	Merge pull request #325 from wazuh/release-wazuh_3.12.1_7.6.2 Release wazuh 3.12.1 7.6.2	2020-04-08 19:53:21 +02:00
Manuel Gutierrez	966a3dcef7	Bump versions to 3.12.1_7.6.2	2020-04-08 19:30:10 +02:00
Manuel J. Bernal	9fc689206d	Merge pull request #323 from wazuh/bugfix-agent-timestamp Save queue directory	2020-04-08 14:34:16 +02:00
Manuel Gutierrez	9b329b095e	Copy missing files from queue-template	2020-04-07 19:19:21 +02:00
Manuel Gutierrez	f0ba8c3e63	Save complete queue directory	2020-04-02 18:53:59 +02:00
Manuel J. Bernal	edae7d3c6a	Merge pull request #316 from wazuh/release-wazuh_3.12.0_7.6.1 Release wazuh 3.12.0_7.6.1	2020-03-25 17:45:17 +01:00
Manuel Gutierrez	af5db1efac	Create config file from scratch when not a migration	2020-03-25 14:10:24 +01:00
Manuel Gutierrez	14f0d6d622	Create wazuh config directory	2020-03-24 21:08:32 +01:00
Zenidd	cb60fc8b77	Version and docker images tags fix	2020-03-23 09:30:30 +01:00
Zenidd	4f612e5426	bump versions	2020-03-20 17:11:01 +01:00
Zenidd	90074777da	Updating to Wazuh v3.12. Also license year update.	2020-03-20 16:42:36 +01:00
Manuel J. Bernal	320061f022	Merge pull request #313 from wazuh/release-wazuh_3.11.4_7.6.1 Release wazuh 3.11.4 7.6.1	2020-03-06 17:41:57 +01:00
Manuel Gutierrez	125f83e6df	Update CHANGELOG.md Co-Authored-By: Manuel J. Bernal <manuel.jimenez@wazuh.com>	2020-03-06 17:40:27 +01:00
Manuel Gutierrez	707fe87804	Fix typo	2020-03-06 17:34:25 +01:00
Manuel Gutierrez	c9a43bd5ff	Install Wazuh plugin from kibana folder	2020-03-06 16:43:02 +01:00
Manuel Gutierrez	26679d46f6	Increase max old space size for kibana optimize	2020-03-06 15:34:37 +01:00
Manuel Gutierrez	627e9517d8	Update changelog	2020-03-05 19:28:55 +01:00
Manuel Gutierrez	ced83faef0	Bump docker-compose	2020-03-05 19:16:33 +01:00
Manuel Gutierrez	3b1814ec7b	Bump versions to 3.11.4_7.6.1	2020-03-05 19:15:50 +01:00
Manuel J. Bernal	26d381b403	Merge pull request #308 from wazuh/fix-307-enable-http2 Enable HTTP2 protocol	2020-02-05 15:57:59 +01:00
Manuel J. Bernal	79f402ca2f	Merge pull request #306 from wazuh/fix-305-htpasswd-batch-mode Use batch mode on htpasswd	2020-02-05 15:56:10 +01:00
Manuel J. Bernal	d0ba0465fe	Merge pull request #304 from wazuh/fix-302-nginx-pid1 Fix 302 Execute nginx as PID 1	2020-02-05 15:53:29 +01:00
Manuel J. Bernal	5dbfa958b7	Merge pull request #303 from wazuh/fix-301-update-config-format Update Nginx config syntax	2020-02-05 15:43:50 +01:00
Manuel Gutierrez	c13680e084	Enable HTTP v2	2020-02-05 12:31:22 +01:00
Manuel Gutierrez	e2559957da	Use batch mode on htpasswd	2020-02-04 12:39:22 +01:00
Manuel Gutierrez	6afb9d0779	Exec nginx as PID 1	2020-02-03 17:08:03 +01:00
Manuel Gutierrez	6412cb90f9	Switch entrypoint to json format	2020-02-03 17:07:58 +01:00
Manuel Gutierrez	bde4351a2a	Update Nginx config syntax	2020-02-03 14:44:19 +01:00
Manuel Gutierrez	4f7ae19d81	Merge pull request #300 from wazuh/release-wazuh_3.11.3_7.5.2 Release wazuh 3.11.3 7.5.2	2020-01-28 19:08:12 +01:00
Manuel Gutierrez	d1f1e401b1	Fix typo in CHANGELOG	2020-01-28 18:23:54 +01:00
Manuel Gutierrez	ea27c239b2	Update Changelog	2020-01-28 12:36:06 +01:00
Manuel Gutierrez	e437c1a4ec	Update VERSION file	2020-01-28 12:35:51 +01:00
Manuel Gutierrez	1f57ad6619	Bump versions to 3.11.3_7.5.2	2020-01-28 12:35:24 +01:00
Jose M. Garcia	61a1385462	Merge pull request #298 from wazuh/release-wazuh_3.11.2_7.5.1 Release wazuh 3.11.2 7.5.1	2020-01-22 15:58:07 +01:00
Manuel Gutierrez	427b87d6e1	Update CHANGELOG.md	2020-01-22 15:54:13 +01:00
Manuel Gutierrez	8615cd4d21	Bump nodejs to v10	2020-01-22 15:48:27 +01:00
Manuel Gutierrez	a4a64e66f4	Update CHANGELOG.md	2020-01-22 14:39:07 +01:00
Manuel Gutierrez	a561deeaec	Update VERSION	2020-01-22 14:38:53 +01:00
Manuel Gutierrez	9f710f90c3	Bump to version 3.11.2_7.5.1	2020-01-22 14:38:28 +01:00
Manuel J. Bernal	4b054e88ca	Merge pull request #293 from AnthonySendra/patch-1 Fix S3 plugin installation in Elasticsearch	2020-01-15 15:11:30 +01:00
Anthony Sendra	43da69277f	fix s3 plugin	2020-01-10 12:49:09 +01:00
Jose M. Garcia	17865358d8	Merge pull request #289 from wazuh/wazuh-release-v3.11.1_7.5.1 Wazuh Release v3.11.1_7.5.1	2020-01-07 15:47:05 +01:00
Jose M	95cb2fa3aa	Update CHANGELOG.md	2020-01-07 15:11:08 +01:00
Jose M	bba5b90716	Update CHANGELOG.md	2020-01-07 14:56:04 +01:00
Jose M	afb1c1fba3	Bump version to 3.11.1_7.5.1	2020-01-07 14:55:52 +01:00
Jose M	95b6b70a70	Merge branch 'master' into devel	2020-01-07 14:38:55 +01:00
Jose M. Garcia	44a7a9b16f	Merge pull request #287 from wazuh/3.11.0_7.5.1 Release 3.11.0_7.5.1	2019-12-27 17:30:46 +01:00
Manuel Gutierrez	49f1b476b5	Update changelog	2019-12-27 17:17:39 +01:00
Manuel Gutierrez	e83a092449	Clarify comment	2019-12-27 17:07:58 +01:00
Manuel Gutierrez	380ba92708	Check for previous API settings on Wazuh Plugin	2019-12-27 15:48:49 +01:00
Manuel Gutierrez	7e8e11bfd6	Write API entry to wazuh.yml	2019-12-26 16:56:24 +01:00
Manuel Gutierrez	3c7d0f441d	Remove API setup from Elasticsearch image	2019-12-26 16:49:31 +01:00
Manuel Gutierrez	23fffddf95	Remove default entry	2019-12-26 13:30:10 +01:00
Manuel Gutierrez	88ec0fc043	Update config filename	2019-12-24 18:06:45 +01:00
Manuel Gutierrez	774d14ee18	Update changelog	2019-12-24 17:02:53 +01:00
Manuel Gutierrez	66f50039b0	Bump version to 3.11.0_7.5.1	2019-12-24 16:42:49 +01:00
`@@ -1,2 +1,2 @@`
	`WAZUH-DOCKER_VERSION="4.0.0_1.10.1"`	`WAZUH-DOCKER_VERSION="4.1.1"`
	`REVISION="40000"`	`REVISION="41100"`
		`@@ -1,3 +0,0 @@`
			`cluster.name: wazuh-elastic`
			`network.host: 0.0.0.0`