All notable changes to this project will be documented in this file.
- Update to Wazuh v3.11.3
- Fix Wazuh Agent configuration file for RHEL 8 (@xr09) PR#354
- Fix default port used in Wazuh Agent playbook (@jm404) PR#347
- Update to Wazuh v3.11.2
- Update to Wazuh v3.11.1
-
Update to Wazuh v3.11.0
-
Implemented changes to configure Wazuh API using the
wazuh.yml
file (@xr09) PR#342 -
Wazuh Agent registration task now explicitly notify restart (@jm404) PR#302
-
Support both IP and DNS when creating elastic cluster (@xr09) PR#252
-
Added config tag to the Wazuh Agent's enable task (@xr09) PR#261
-
Implement task to configure Elasticsearch user on every cluster node (@xr09) PR#270
-
Added SCA to Wazuh Agent and Manager installation (@jm404) PR#260
-
Added support for environments with low disk space (@xr09) PR#281
-
Add parameters to configure an Elasticsearch coordinating node (@jm404) PR#292
-
Updated Filebeat and Elasticsearch templates (@manuasir) PR#285
-
Make ossec.conf file more readable by removing trailing whitespaces (@jm404) PR#286
-
Wazuh repositories can now be configured to different sources URLs (@jm404) PR#288
-
Agent installation task now does not hardcodes the "-1" sufix (@jm404) PR#310
-
Enhanced task importation in Wazuh Manager role and removed deprecated warnings (@xr09) PR#320
-
Wazuh API installation task have been upgraded (@rshad) PR#330
-
It's now possible to install Wazuh Manager and Agent from sources (@jm404) PR#329
-
Wazuh Agent registration using agent name has been fixed (@jm404) PR#298
-
Fix Wazuh repository and installation conditionals (@jm404) PR#299
-
Fixed Wazuh Agent registration using an Agent's name (@jm404) PR#334
- Update to Wazuh v3.11.0
- Update to Wazuh v3.10.0
- Updated Kibana @jm404 #237
- Updated agent.conf template @moodymob #222
- Improved molecule tests @rshad #223
- Moved "run_cluster_mode.sh" script to molecule folder @jm404 #a9d2c52
- Fixed typo in the
agent.conf
template @joey1a2b3c #227 - Updated conditionals in tasks to fix Amazon Linux installation @jm404 #229
- Fixed Kibana installation in Amazon Linux @jm404 #232
- Fixed Windows Agent installation and configuration @jm404 #234
- Update to Wazuh v3.9.5
- Update to Elastic Stack to v7.2.1
- Support for registring agents behind NAT @jheikki100 #208
- Default protocol to TCP @ionphractal #204.
- Update to Wazuh v3.9.3 (rshad PR#206)
- Added Versioning Control for Wazuh stack's components installation, so now it's possible to specify which package to install for wazuh-manager, wazuh-agent, Filebeat, Elasticsearch and Kibana. (rshad PR#206)
- Fixes for Molecule testing issues. Issues such as Ansible-Lint and None-Idempotent tasks. (rshad PR#206)
- Fixes for Wazuh components installations' related issues. Such issues were related to determined OS distributions such as
Ubuntu Trusty
andCetOS 6
. (rshad PR#206) - Created Ansible playbook and role in order to automate the uninstallation of already installed Wazuh components. (rshad PR#206)
- Update to Wazuh v3.9.2
- Support for Elastic 7
- Ability to deploy an Elasticsearch cluster #6b95e3
- Update to Wazuh v3.9.2
- Update to Wazuh v3.9.1
- Support for ELK v6.8.0
- Update to Wazuh Wazuh v3.9.0 (manuasir #177).
- Support for Elasticsearch v6.7.1 (LuisGi91 #168).
- Added Molecule testing suit (JJediny #151).
- Added Molecule tests for Wazuh Manager (dj-wasabi #169).
- Added Molecule tests for Wazuh Agent (dj-wasabi #174).
- Fix default active response (LuisGi93 #164).
- Changing from Oracle Java to OpenJDK (LuisGi93 #173).
- Adding alias to agent config file template (LuisGi93 #163).
- Update to Wazuh version v3.8.2. (#150)
- Update to Wazuh version v3.8.1. (#148)
- Added custom name for single agent registration (#117)
- Adapt ossec.conf file for windows agents (#118)
- Added labels to ossec.conf (#135)
- Changed Windows installation directory (#116)
- move redundant tags to the outer block (#133)
- Adapt new version (3.8.0-6.5.4) (#144)
- Fixed a couple linting issues with yamllint and ansible-review (#111)
- Fixes typos: The word credentials doesn't have two consecutive e's (#130)
- Fixed multiple remote connection (#120)
- Fixed null value for wazuh_manager_fqdn (#132)
- Erasing extra spaces in playbooks (#131)
- Fixed oracle java cookies (#143)
- delete useless files from wazuh-manager role (#137)
- Adapt configuration to current release (#106)
- include template local_internal_options.conf. (#87)
- Add multiple Elasticsearch IPs for Logstash reports. (#92)
- Solve the conflict betwwen tha agent configuration and the shared master configuration. Also include monitoring for
/var/log/auth.log
. (#90) - Moved custom_ruleset files. (#98)
- Add authlog fix to localfile. (#99)
- Exceptions reload systemd. (#114)
- clean old code for windows agent. (#86)
- Amazon Linux deployments are now supported (#71) and for the old repository structure (#67)
- Added the option to add rule files and decoders directly over the local rule and decoder directories in /var/ossec/etc (#81).
- Added the necessary variables to configure a new configuration template for the Wazuh API (#80).
- Added the option to verify the shared configuration for agents set in the manager (#76).
- Added the option to configure the active response (#75).
- Repository restructure.
- Extended conditions to register a Wazuh agent. Now will register the agent in cases where there is no client.keys or the file exists but this empty (#79).
- Grouping of tasks in a block under the same condition to improve the efficiency of the code (#74).
- Improved efficiency of the Java repository (#73).
- Fix oracle java cookie (#71).
- include the logall_json label in ossec.conf template. This was causing an error when recreating the cdb_lists (#84).
Ansible starting point.
Roles:
- Elastic Stack:
- ansible-elasticsearch: This role is prepared to install elasticsearch on the host that runs it.
- ansible-kibana: Using this role we will install Kibana on the host that runs it.
- Wazuh:
- ansible-filebeat: This role is prepared to install filebeat on the host that runs it.
- ansible-wazuh-manager: With this role we will install Wazuh manager and Wazuh API on the host that runs it.
- ansible-wazuh-agent: Using this role we will install Wazuh agent on the host that runs it and is able to register it.