Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Removed check functions for Wazuh manager and Filebeat #138

Merged
merged 2 commits into from
Nov 7, 2024
Merged

Removed check functions for Wazuh manager and Filebeat #138

merged 2 commits into from
Nov 7, 2024

Conversation

c-bordon
Copy link
Member

@c-bordon c-bordon commented Nov 7, 2024

close #137

Description

Check functions for Wazuh manager and Filebeat were removed

Tests

Install Wazuh manager standalone

Wazuh manager 
[root@ip-172-31-46-46 ~]# bash wazuh-install.sh --generate-config-files
07/11/2024 12:21:45 INFO: Starting Wazuh installation assistant. Wazuh version: 4.10.0
07/11/2024 12:21:45 INFO: Verbose logging redirected to /var/log/wazuh-install.log
07/11/2024 12:21:46 INFO: Verifying that your system meets the recommended minimum hardware requirements.
07/11/2024 12:21:46 INFO: --- Configuration files ---
07/11/2024 12:21:46 INFO: Generating configuration files.
07/11/2024 12:21:46 INFO: Generating the root certificate.
07/11/2024 12:21:46 INFO: Generating Admin certificates.
07/11/2024 12:21:46 INFO: Generating Wazuh indexer certificates.
07/11/2024 12:21:46 INFO: Generating Filebeat certificates.
07/11/2024 12:21:46 INFO: Generating Wazuh dashboard certificates.
07/11/2024 12:21:47 INFO: Created wazuh-install-files.tar. It contains the Wazuh cluster key, certificates, and passwords necessary for installation.
[root@ip-172-31-46-46 ~]# bash wazuh-install.sh --wazuh-server wazuh-1 -d pre-release
07/11/2024 12:22:43 INFO: Starting Wazuh installation assistant. Wazuh version: 4.10.0
07/11/2024 12:22:43 INFO: Verbose logging redirected to /var/log/wazuh-install.log
07/11/2024 12:22:43 INFO: Verifying that your system meets the recommended minimum hardware requirements.
07/11/2024 12:22:44 INFO: Wazuh development repository added.
07/11/2024 12:22:44 INFO: --- Wazuh server ---
07/11/2024 12:22:44 INFO: Starting the Wazuh manager installation.
07/11/2024 12:23:09 INFO: Wazuh manager installation finished.
07/11/2024 12:23:09 INFO: Wazuh manager vulnerability detection configuration finished.
07/11/2024 12:23:09 INFO: Starting service wazuh-manager.
07/11/2024 12:23:21 INFO: wazuh-manager service started.
07/11/2024 12:23:21 INFO: Starting Filebeat installation.
07/11/2024 12:23:27 INFO: Filebeat installation finished.
07/11/2024 12:23:28 INFO: Filebeat post-install configuration finished.
07/11/2024 12:23:28 INFO: The filebeat.yml file has been updated to use the Filebeat Keystore username and password.
07/11/2024 12:23:43 INFO: Starting service filebeat.
07/11/2024 12:23:43 INFO: filebeat service started.
07/11/2024 12:23:43 INFO: Installation finished.
[root@ip-172-31-46-46 ~]# systemctl status wazuh-manager.service 
● wazuh-manager.service - Wazuh manager
   Loaded: loaded (/usr/lib/systemd/system/wazuh-manager.service; enabled; vendor preset: disabled)
   Active: active (running) since Thu 2024-11-07 12:23:41 UTC; 38s ago
   CGroup: /system.slice/wazuh-manager.service
           ├─10965 /var/ossec/framework/python/bin/python3 /var/ossec/api/scripts/wazuh_apid.py
           ├─10966 /var/ossec/framework/python/bin/python3 /var/ossec/api/scripts/wazuh_apid.py
           ├─10969 /var/ossec/framework/python/bin/python3 /var/ossec/api/scripts/wazuh_apid.py
           ├─10972 /var/ossec/framework/python/bin/python3 /var/ossec/api/scripts/wazuh_apid.py
           ├─11014 /var/ossec/bin/wazuh-authd
           ├─11028 /var/ossec/bin/wazuh-db
           ├─11054 /var/ossec/bin/wazuh-execd
           ├─11066 /var/ossec/bin/wazuh-analysisd
           ├─11076 /var/ossec/bin/wazuh-syscheckd
           ├─11143 /var/ossec/bin/wazuh-remoted
           ├─11185 /var/ossec/bin/wazuh-logcollector
           ├─11202 /var/ossec/bin/wazuh-monitord
           └─11212 /var/ossec/bin/wazuh-modulesd

Nov 07 12:23:36 ip-172-31-46-46.ec2.internal env[10899]: Started wazuh-analysisd...
Nov 07 12:23:37 ip-172-31-46-46.ec2.internal env[10899]: Started wazuh-syscheckd...
Nov 07 12:23:38 ip-172-31-46-46.ec2.internal env[10899]: Started wazuh-remoted...
Nov 07 12:23:38 ip-172-31-46-46.ec2.internal env[10899]: Started wazuh-logcollector...
Nov 07 12:23:38 ip-172-31-46-46.ec2.internal env[10899]: Started wazuh-monitord...
Nov 07 12:23:38 ip-172-31-46-46.ec2.internal env[10899]: 2024/11/07 12:23:38 wazuh-modulesd:router: INFO: Loaded router module.
Nov 07 12:23:38 ip-172-31-46-46.ec2.internal env[10899]: 2024/11/07 12:23:38 wazuh-modulesd:content_manager: INFO: Loaded content_manager module.
Nov 07 12:23:39 ip-172-31-46-46.ec2.internal env[10899]: Started wazuh-modulesd...
Nov 07 12:23:41 ip-172-31-46-46.ec2.internal env[10899]: Completed.
Nov 07 12:23:41 ip-172-31-46-46.ec2.internal systemd[1]: Started Wazuh manager.
[root@ip-172-31-46-46 ~]# systemctl status filebeat
● filebeat.service - Filebeat sends log files to Logstash or directly to Elasticsearch.
   Loaded: loaded (/usr/lib/systemd/system/filebeat.service; enabled; vendor preset: disabled)
   Active: active (running) since Thu 2024-11-07 12:23:28 UTC; 58s ago
     Docs: https://www.elastic.co/products/beats/filebeat
 Main PID: 10637 (filebeat)
   CGroup: /system.slice/filebeat.service
           └─10637 /usr/share/filebeat/bin/filebeat --environment systemd -c /etc/filebeat/filebeat.yml --path.home /usr/share/filebeat --path.config /etc/filebeat --path.data /var/lib/filebeat --path.logs /var/log/filebeat

Nov 07 12:23:28 ip-172-31-46-46.ec2.internal systemd[1]: Started Filebeat sends log files to Logstash or directly to Elasticsearch..
[root@ip-172-31-46-46 ~]# systemctl status wazuh-indexer
Unit wazuh-indexer.service could not be found.

Install AIO

Wazuh AIO 
[root@ip-172-31-46-46 ~]# bash wazuh-install.sh -a -d pre-release
07/11/2024 12:28:30 INFO: Starting Wazuh installation assistant. Wazuh version: 4.10.0
07/11/2024 12:28:30 INFO: Verbose logging redirected to /var/log/wazuh-install.log
07/11/2024 12:28:30 INFO: Verifying that your system meets the recommended minimum hardware requirements.
07/11/2024 12:28:30 INFO: Wazuh web interface port will be 443.
07/11/2024 12:28:31 INFO: Wazuh development repository added.
07/11/2024 12:28:31 INFO: --- Configuration files ---
07/11/2024 12:28:31 INFO: Generating configuration files.
07/11/2024 12:28:31 INFO: Generating the root certificate.
07/11/2024 12:28:31 INFO: Generating Admin certificates.
07/11/2024 12:28:31 INFO: Generating Wazuh indexer certificates.
07/11/2024 12:28:31 INFO: Generating Filebeat certificates.
07/11/2024 12:28:31 INFO: Generating Wazuh dashboard certificates.
07/11/2024 12:28:31 INFO: Created wazuh-install-files.tar. It contains the Wazuh cluster key, certificates, and passwords necessary for installation.
07/11/2024 12:28:31 INFO: --- Wazuh indexer ---
07/11/2024 12:28:31 INFO: Starting Wazuh indexer installation.
07/11/2024 12:29:01 INFO: Wazuh indexer installation finished.
07/11/2024 12:29:01 INFO: Wazuh indexer post-install configuration finished.
07/11/2024 12:29:01 INFO: Starting service wazuh-indexer.
07/11/2024 12:29:15 INFO: wazuh-indexer service started.
07/11/2024 12:29:15 INFO: Initializing Wazuh indexer cluster security settings.
07/11/2024 12:29:18 INFO: Wazuh indexer cluster security configuration initialized.
07/11/2024 12:29:18 INFO: Wazuh indexer cluster initialized.
07/11/2024 12:29:18 INFO: --- Wazuh server ---
07/11/2024 12:29:18 INFO: Starting the Wazuh manager installation.
07/11/2024 12:29:43 INFO: Wazuh manager installation finished.
07/11/2024 12:29:43 INFO: Wazuh manager vulnerability detection configuration finished.
07/11/2024 12:29:43 INFO: Starting service wazuh-manager.
07/11/2024 12:29:55 INFO: wazuh-manager service started.
07/11/2024 12:29:55 INFO: Starting Filebeat installation.
07/11/2024 12:30:00 INFO: Filebeat installation finished.
07/11/2024 12:30:01 INFO: Filebeat post-install configuration finished.
07/11/2024 12:30:01 INFO: Starting service filebeat.
07/11/2024 12:30:01 INFO: filebeat service started.
07/11/2024 12:30:01 INFO: --- Wazuh dashboard ---
07/11/2024 12:30:01 INFO: Starting Wazuh dashboard installation.
07/11/2024 12:30:01 INFO: Another process is using YUM. Waiting for it to release the lock. Next retry in 30 seconds (1/10)
07/11/2024 12:31:21 INFO: Wazuh dashboard installation finished.
07/11/2024 12:31:21 INFO: Wazuh dashboard post-install configuration finished.
07/11/2024 12:31:21 INFO: Starting service wazuh-dashboard.
07/11/2024 12:31:22 INFO: wazuh-dashboard service started.
07/11/2024 12:31:22 INFO: Updating the internal users.
07/11/2024 12:31:26 INFO: A backup of the internal users has been saved in the /etc/wazuh-indexer/internalusers-backup folder.
07/11/2024 12:31:38 INFO: The filebeat.yml file has been updated to use the Filebeat Keystore username and password.
07/11/2024 12:32:04 INFO: Initializing Wazuh dashboard web application.
07/11/2024 12:32:05 INFO: Wazuh dashboard web application initialized.
07/11/2024 12:32:05 INFO: --- Summary ---
07/11/2024 12:32:05 INFO: You can access the web interface https://<wazuh-dashboard-ip>:443
    User: admin
    Password: 5R7xH44HCL9V7HxbiC06l?abqy+??dMR
07/11/2024 12:32:05 INFO: Installation finished.

Install Component by Component

Wazuh indexer 
[root@ip-172-31-46-46 ~]# bash wazuh-install.sh --wazuh-indexer wazuh-indexer -d pre-release
07/11/2024 12:48:30 INFO: Starting Wazuh installation assistant. Wazuh version: 4.10.0
07/11/2024 12:48:30 INFO: Verbose logging redirected to /var/log/wazuh-install.log
07/11/2024 12:48:31 INFO: Verifying that your system meets the recommended minimum hardware requirements.
07/11/2024 12:48:31 INFO: Wazuh development repository added.
07/11/2024 12:48:31 INFO: --- Wazuh indexer ---
07/11/2024 12:48:31 INFO: Starting Wazuh indexer installation.
07/11/2024 12:48:45 INFO: Wazuh indexer installation finished.
07/11/2024 12:48:45 INFO: Wazuh indexer post-install configuration finished.
07/11/2024 12:48:45 INFO: Starting service wazuh-indexer.
07/11/2024 12:48:59 INFO: wazuh-indexer service started.
07/11/2024 12:48:59 INFO: Initializing Wazuh indexer cluster security settings.
07/11/2024 12:48:59 INFO: Wazuh indexer cluster initialized.
07/11/2024 12:48:59 INFO: Installation finished.
[root@ip-172-31-46-46 ~]# bash wazuh-install.sh --start-cluster -d pre-release
07/11/2024 12:49:54 INFO: Starting Wazuh installation assistant. Wazuh version: 4.10.0
07/11/2024 12:49:54 INFO: Verbose logging redirected to /var/log/wazuh-install.log
07/11/2024 12:49:54 INFO: Verifying that your system meets the recommended minimum hardware requirements.
07/11/2024 12:49:56 INFO: Wazuh indexer cluster security configuration initialized.
07/11/2024 12:49:57 INFO: Updating the internal users.
07/11/2024 12:49:59 INFO: A backup of the internal users has been saved in the /etc/wazuh-indexer/internalusers-backup folder.
07/11/2024 12:50:09 INFO: Wazuh indexer cluster started.
Wazuh server 
[root@ip-172-31-46-46 ~]# bash wazuh-install.sh --wazuh-server wazuh-server -d pre-release
07/11/2024 12:50:39 INFO: Starting Wazuh installation assistant. Wazuh version: 4.10.0
07/11/2024 12:50:39 INFO: Verbose logging redirected to /var/log/wazuh-install.log
07/11/2024 12:50:40 INFO: Verifying that your system meets the recommended minimum hardware requirements.
07/11/2024 12:50:40 INFO: Wazuh development repository added.
07/11/2024 12:50:40 INFO: --- Wazuh server ---
07/11/2024 12:50:40 INFO: Starting the Wazuh manager installation.
07/11/2024 12:50:58 INFO: Wazuh manager installation finished.
07/11/2024 12:50:58 INFO: Wazuh manager vulnerability detection configuration finished.
07/11/2024 12:50:58 INFO: Starting service wazuh-manager.
07/11/2024 12:51:11 INFO: wazuh-manager service started.
07/11/2024 12:51:11 INFO: Starting Filebeat installation.
07/11/2024 12:51:16 INFO: Filebeat installation finished.
07/11/2024 12:51:17 INFO: Filebeat post-install configuration finished.
07/11/2024 12:51:18 INFO: The filebeat.yml file has been updated to use the Filebeat Keystore username and password.
07/11/2024 12:51:36 INFO: Starting service filebeat.
07/11/2024 12:51:36 INFO: filebeat service started.
07/11/2024 12:51:36 INFO: Installation finished.
Wazuh dashboard 
[root@ip-172-31-46-46 ~]# bash wazuh-install.sh --wazuh-dashboard wazuh-dashboard -d pre-release
07/11/2024 12:51:56 INFO: Starting Wazuh installation assistant. Wazuh version: 4.10.0
07/11/2024 12:51:56 INFO: Verbose logging redirected to /var/log/wazuh-install.log
07/11/2024 12:51:57 INFO: Verifying that your system meets the recommended minimum hardware requirements.
07/11/2024 12:51:57 INFO: Wazuh web interface port will be 443.
07/11/2024 12:51:57 INFO: Wazuh development repository added.
07/11/2024 12:51:57 INFO: --- Wazuh dashboard ----
07/11/2024 12:51:57 INFO: Starting Wazuh dashboard installation.
07/11/2024 12:52:41 INFO: Wazuh dashboard installation finished.
07/11/2024 12:52:41 INFO: Wazuh dashboard post-install configuration finished.
07/11/2024 12:52:41 INFO: Starting service wazuh-dashboard.
07/11/2024 12:52:42 INFO: wazuh-dashboard service started.
07/11/2024 12:52:59 INFO: Initializing Wazuh dashboard web application.
07/11/2024 12:53:00 INFO: Wazuh dashboard web application initialized.
07/11/2024 12:53:00 INFO: --- Summary ---
07/11/2024 12:53:00 INFO: You can access the web interface https://<wazuh-dashboard-ip>:443
    User: admin
    Password: 5R7xH44HCL9V7HxbiC06l?abqy+??dMR
07/11/2024 12:53:00 INFO: Installation finished.

@c-bordon c-bordon requested a review from a team November 7, 2024 12:53
@c-bordon c-bordon self-assigned this Nov 7, 2024
@c-bordon c-bordon linked an issue Nov 7, 2024 that may be closed by this pull request
Revert post-installation validation for Wazuh manager and Filebeat #137
Closed
1 task
vcerenu
vcerenu previously approved these changes Nov 7, 2024
View reviewed changes
teddytpc1
teddytpc1 previously approved these changes Nov 7, 2024
View reviewed changes
Enaraque
Enaraque previously approved these changes Nov 7, 2024
View reviewed changes
CarlosALgit
CarlosALgit previously approved these changes Nov 7, 2024
View reviewed changes
@teddytpc1 teddytpc1 merged commit 3b37098 into 4.10.0 Nov 7, 2024
@teddytpc1 teddytpc1 deleted the change/137-revert-post-installation-validation-for-wazuh-manager-and-filebeat branch November 7, 2024 13:10
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@teddytpc1 teddytpc1 teddytpc1 approved these changes

@CarlosALgit CarlosALgit CarlosALgit left review comments

@Enaraque Enaraque Enaraque left review comments

@vcerenu vcerenu vcerenu left review comments

Assignees

@c-bordon c-bordon

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

Revert post-installation validation for Wazuh manager and Filebeat
5 participants
@c-bordon @teddytpc1 @vcerenu @Enaraque @CarlosALgit