From bd49c1f33dfd3579bfe8b8187bbe6fafc7d976b4 Mon Sep 17 00:00:00 2001 From: c-bordon Date: Fri, 20 Oct 2023 12:01:06 -0300 Subject: [PATCH 1/5] Removed reference for Wazuh indexer and dashboard mixed node from Readme file --- README.md | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 51f451b4d..0a4f285bc 100644 --- a/README.md +++ b/README.md @@ -89,7 +89,7 @@ These playbooks install and configure Wazuh agent, manager and indexer and dashb ### Playbook -The hereunder example playbook uses the `wazuh-ansible` role to provision a production-ready Wazuh environment. The architecture includes 2 Wazuh nodes, 3 Wazuh indexer nodes and a mixed Wazuh dashboard node (Wazuh indexer data node + Wazuh dashboard). +The hereunder example playbook uses the `wazuh-ansible` role to provision a production-ready Wazuh environment. The architecture includes 2 Wazuh nodes, 3 Wazuh indexer nodes, and a Wazuh dashboard node. ```yaml --- @@ -248,7 +248,7 @@ The hereunder example playbook uses the `wazuh-ansible` role to provision a prod - "{{ hostvars.wi2.private_ip }}" - "{{ hostvars.wi3.private_ip }}" -# Indexer + dashboard node +# dashboard node - hosts: dashboard roles: - role: "../roles/wazuh/wazuh-indexer" From 6ed9efa05f95cb5d88b8e364c85691b5a55fede9 Mon Sep 17 00:00:00 2001 From: c-bordon Date: Fri, 20 Oct 2023 12:02:36 -0300 Subject: [PATCH 2/5] Fixed Wazuh dashboard node commentary --- README.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/README.md b/README.md index 0a4f285bc..49888e57e 100644 --- a/README.md +++ b/README.md @@ -248,7 +248,7 @@ The hereunder example playbook uses the `wazuh-ansible` role to provision a prod - "{{ hostvars.wi2.private_ip }}" - "{{ hostvars.wi3.private_ip }}" -# dashboard node +# Wazuh dashboard node - hosts: dashboard roles: - role: "../roles/wazuh/wazuh-indexer" From 7ffb4c1e8eadc6a8136b1b4f9f058db615454470 Mon Sep 17 00:00:00 2001 From: c-bordon Date: Mon, 23 Oct 2023 11:15:30 -0300 Subject: [PATCH 3/5] Removed Wazuh indexer reference from Wazuh dashboard node --- README.md | 67 -------------------------- playbooks/wazuh-production-ready.yml | 70 +--------------------------- 2 files changed, 1 insertion(+), 136 deletions(-) diff --git a/README.md b/README.md index 49888e57e..85075530e 100644 --- a/README.md +++ b/README.md @@ -158,33 +158,6 @@ The hereunder example playbook uses the `wazuh-ansible` role to provision a prod - "{{ hostvars.wi2.private_ip }}" - "{{ hostvars.wi3.private_ip }}" indexer_node_master: true - instances: - node1: - name: node-1 # Important: must be equal to indexer_node_name. - ip: "{{ hostvars.wi1.private_ip }}" # When unzipping, the node will search for its node name folder to get the cert. - role: indexer - node2: - name: node-2 - ip: "{{ hostvars.wi2.private_ip }}" - role: indexer - node3: - name: node-3 - ip: "{{ hostvars.wi3.private_ip }}" - role: indexer - node4: - name: node-4 - ip: "{{ hostvars.manager.private_ip }}" - role: wazuh - node_type: master - node5: - name: node-5 - ip: "{{ hostvars.worker.private_ip }}" - role: wazuh - node_type: worker - node6: - name: node-6 - ip: "{{ hostvars.dashboard.private_ip }}" - role: dashboard # Wazuh cluster - hosts: manager @@ -251,24 +224,10 @@ The hereunder example playbook uses the `wazuh-ansible` role to provision a prod # Wazuh dashboard node - hosts: dashboard roles: - - role: "../roles/wazuh/wazuh-indexer" - role: "../roles/wazuh/wazuh-dashboard" become: yes become_user: root vars: - indexer_network_host: "{{ hostvars.dashboard.private_ip }}" - indexer_node_name: node-6 - indexer_node_master: false - indexer_node_ingest: false - indexer_node_data: false - indexer_cluster_nodes: - - "{{ hostvars.wi1.private_ip }}" - - "{{ hostvars.wi2.private_ip }}" - - "{{ hostvars.wi3.private_ip }}" - indexer_discovery_nodes: - - "{{ hostvars.wi1.private_ip }}" - - "{{ hostvars.wi2.private_ip }}" - - "{{ hostvars.wi3.private_ip }}" dashboard_node_name: node-6 wazuh_api_credentials: - id: default @@ -277,32 +236,6 @@ The hereunder example playbook uses the `wazuh-ansible` role to provision a prod username: custom-user password: SecretPassword1! instances: - node1: - name: node-1 - ip: "{{ hostvars.wi1.private_ip }}" # When unzipping, the node will search for its node name folder to get the cert. - role: indexer - node2: - name: node-2 - ip: "{{ hostvars.wi2.private_ip }}" - role: indexer - node3: - name: node-3 - ip: "{{ hostvars.wi3.private_ip }}" - role: indexer - node4: - name: node-4 - ip: "{{ hostvars.manager.private_ip }}" - role: wazuh - node_type: master - node5: - name: node-5 - ip: "{{ hostvars.worker.private_ip }}" - role: wazuh - node_type: worker - node6: - name: node-6 - ip: "{{ hostvars.dashboard.private_ip }}" - role: dashboard ansible_shell_allow_world_readable_temp: true ``` diff --git a/playbooks/wazuh-production-ready.yml b/playbooks/wazuh-production-ready.yml index 26a33d98e..642e06255 100644 --- a/playbooks/wazuh-production-ready.yml +++ b/playbooks/wazuh-production-ready.yml @@ -64,33 +64,6 @@ - "{{ hostvars.wi2.private_ip }}" - "{{ hostvars.wi3.private_ip }}" indexer_node_master: true - instances: - node1: - name: node-1 # Important: must be equal to indexer_node_name. - ip: "{{ hostvars.wi1.private_ip }}" # When unzipping, the node will search for its node name folder to get the cert. - role: indexer - node2: - name: node-2 - ip: "{{ hostvars.wi2.private_ip }}" - role: indexer - node3: - name: node-3 - ip: "{{ hostvars.wi3.private_ip }}" - role: indexer - node4: - name: node-4 - ip: "{{ hostvars.manager.private_ip }}" - role: wazuh - node_type: master - node5: - name: node-5 - ip: "{{ hostvars.worker.private_ip }}" - role: wazuh - node_type: worker - node6: - name: node-6 - ip: "{{ hostvars.dashboard.private_ip }}" - role: dashboard # Wazuh cluster - hosts: manager @@ -154,27 +127,13 @@ - "{{ hostvars.wi2.private_ip }}" - "{{ hostvars.wi3.private_ip }}" -# Indexer + dashboard node +# Wazuh dashboard node - hosts: dashboard roles: - - role: "../roles/wazuh/wazuh-indexer" - role: "../roles/wazuh/wazuh-dashboard" become: yes become_user: root vars: - indexer_network_host: "{{ hostvars.dashboard.private_ip }}" - indexer_node_name: node-6 - indexer_node_master: false - indexer_node_ingest: false - indexer_node_data: false - indexer_cluster_nodes: - - "{{ hostvars.wi1.private_ip }}" - - "{{ hostvars.wi2.private_ip }}" - - "{{ hostvars.wi3.private_ip }}" - indexer_discovery_nodes: - - "{{ hostvars.wi1.private_ip }}" - - "{{ hostvars.wi2.private_ip }}" - - "{{ hostvars.wi3.private_ip }}" dashboard_node_name: node-6 wazuh_api_credentials: - id: default @@ -182,31 +141,4 @@ port: 55000 username: custom-user password: SecretPassword1! - instances: - node1: - name: node-1 - ip: "{{ hostvars.wi1.private_ip }}" # When unzipping, the node will search for its node name folder to get the cert. - role: indexer - node2: - name: node-2 - ip: "{{ hostvars.wi2.private_ip }}" - role: indexer - node3: - name: node-3 - ip: "{{ hostvars.wi3.private_ip }}" - role: indexer - node4: - name: node-4 - ip: "{{ hostvars.manager.private_ip }}" - role: wazuh - node_type: master - node5: - name: node-5 - ip: "{{ hostvars.worker.private_ip }}" - role: wazuh - node_type: worker - node6: - name: node-6 - ip: "{{ hostvars.dashboard.private_ip }}" - role: dashboard ansible_shell_allow_world_readable_temp: true From c448e8a7f62bae5cbdef8e6395d3c18fb5a61b17 Mon Sep 17 00:00:00 2001 From: c-bordon Date: Mon, 23 Oct 2023 17:18:17 -0300 Subject: [PATCH 4/5] Removed Wazuh indexer node in Wazuh dashboard node --- README.md | 29 +++++++++++++++++++++++++++- playbooks/wazuh-production-ready.yml | 28 +++++++++++++++++++++++++++ 2 files changed, 56 insertions(+), 1 deletion(-) diff --git a/README.md b/README.md index 85075530e..41485fb99 100644 --- a/README.md +++ b/README.md @@ -158,6 +158,33 @@ The hereunder example playbook uses the `wazuh-ansible` role to provision a prod - "{{ hostvars.wi2.private_ip }}" - "{{ hostvars.wi3.private_ip }}" indexer_node_master: true + instances: + node1: + name: node-1 # Important: must be equal to indexer_node_name. + ip: "{{ hostvars.wi1.private_ip }}" # When unzipping, the node will search for its node name folder to get the cert. + role: indexer + node2: + name: node-2 + ip: "{{ hostvars.wi2.private_ip }}" + role: indexer + node3: + name: node-3 + ip: "{{ hostvars.wi3.private_ip }}" + role: indexer + node4: + name: node-4 + ip: "{{ hostvars.manager.private_ip }}" + role: wazuh + node_type: master + node5: + name: node-5 + ip: "{{ hostvars.worker.private_ip }}" + role: wazuh + node_type: worker + node6: + name: node-6 + ip: "{{ hostvars.dashboard.private_ip }}" + role: dashboard # Wazuh cluster - hosts: manager @@ -228,6 +255,7 @@ The hereunder example playbook uses the `wazuh-ansible` role to provision a prod become: yes become_user: root vars: + indexer_network_host: "{{ hostvars.wi1.private_ip }}" dashboard_node_name: node-6 wazuh_api_credentials: - id: default @@ -235,7 +263,6 @@ The hereunder example playbook uses the `wazuh-ansible` role to provision a prod port: 55000 username: custom-user password: SecretPassword1! - instances: ansible_shell_allow_world_readable_temp: true ``` diff --git a/playbooks/wazuh-production-ready.yml b/playbooks/wazuh-production-ready.yml index 642e06255..83849e04f 100644 --- a/playbooks/wazuh-production-ready.yml +++ b/playbooks/wazuh-production-ready.yml @@ -64,6 +64,33 @@ - "{{ hostvars.wi2.private_ip }}" - "{{ hostvars.wi3.private_ip }}" indexer_node_master: true + instances: + node1: + name: node-1 # Important: must be equal to indexer_node_name. + ip: "{{ hostvars.wi1.private_ip }}" # When unzipping, the node will search for its node name folder to get the cert. + role: indexer + node2: + name: node-2 + ip: "{{ hostvars.wi2.private_ip }}" + role: indexer + node3: + name: node-3 + ip: "{{ hostvars.wi3.private_ip }}" + role: indexer + node4: + name: node-4 + ip: "{{ hostvars.manager.private_ip }}" + role: wazuh + node_type: master + node5: + name: node-5 + ip: "{{ hostvars.worker.private_ip }}" + role: wazuh + node_type: worker + node6: + name: node-6 + ip: "{{ hostvars.dashboard.private_ip }}" + role: dashboard # Wazuh cluster - hosts: manager @@ -134,6 +161,7 @@ become: yes become_user: root vars: + indexer_network_host: "{{ hostvars.wi1.private_ip }}" dashboard_node_name: node-6 wazuh_api_credentials: - id: default From b032f30ee4529f8f67526c5f008b1fb168dfb05a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?David=20Correa=20Rodr=C3=ADguez?= Date: Wed, 25 Oct 2023 16:05:06 +0200 Subject: [PATCH 5/5] Updated wazuh-kibana-app references --- roles/wazuh/wazuh-dashboard/templates/wazuh.yml.j2 | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/roles/wazuh/wazuh-dashboard/templates/wazuh.yml.j2 b/roles/wazuh/wazuh-dashboard/templates/wazuh.yml.j2 index 030c75061..5755a366b 100644 --- a/roles/wazuh/wazuh-dashboard/templates/wazuh.yml.j2 +++ b/roles/wazuh/wazuh-dashboard/templates/wazuh.yml.j2 @@ -16,7 +16,7 @@ # https://documentation.wazuh.com/current/installation-guide/index.html # # Also, you can check our repository: -# https://github.com/wazuh/wazuh-dashboard +# https://github.com/wazuh/wazuh-dashboard-plugins # # ------------------------------- Index patterns ------------------------------- #