Showing
33 changed files
with
799 additions
and
29 deletions.
@@ -0,0 +1,12 @@ | ||
# To get started with Dependabot version updates, you'll need to specify which | ||
# package ecosystems to update and where the package manifests are located. | ||
# Please see the documentation for all configuration options: | ||
# https://docs.github.com/github/administering-a-repository/configuration-options-for-dependency-updates | ||
|
||
version: 2 | ||
updates: | ||
- package-ecosystem: "pip" # See documentation for possible values | ||
directory: "/" # Location of package manifests | ||
schedule: | ||
interval: "daily" | ||
target-branch: "4.4" |
@@ -1,2 +1,2 @@ | ||
WAZUH-ANSIBLE_VERSION="v4.3.10" | ||
REVISION="40323" | ||
WAZUH-ANSIBLE_VERSION="v4.4.0" | ||
REVISION="40400" |
|
@@ -8,7 +8,7 @@ | |
|
||
def get_wazuh_version(): | ||
"""This return the version of Wazuh.""" | ||
return "4.3.10" | ||
return "4.4.0" | ||
|
||
|
||
|
||
|
@@ -0,0 +1,36 @@ | ||
--- | ||
|
||
######################################################## | ||
# Helper variables | ||
private_ip: '{{ ansible_default_ipv4.address }}' | ||
|
||
managers_hostvars: "{{ groups['managers'] | map('extract', hostvars) | list }}" | ||
elastic_hostvars: "{{ groups['elastic'] | map('extract', hostvars) | list }}" | ||
kibana_hostvars: "{{ groups['kibana'] | map('extract', hostvars) | list }}" | ||
|
||
manager_addresses: "{{ managers_hostvars | map(attribute='private_ip') | list }}" | ||
elastic_addresses: "{{ elastic_hostvars | map(attribute='private_ip') | list }}" | ||
kibana_addresses: "{{ kibana_hostvars | map(attribute='private_ip') | list }}" | ||
|
||
######################################################## | ||
# Versions | ||
elastic_stack_version: 7.10.2 | ||
filebeat_version: 7.10.2 | ||
|
||
# Debian packages need the ${VERSION}-1 | ||
wazuh_manager_version: 4.4.0-1 | ||
wazuh_agent_version: 4.4.0-1 | ||
|
||
# Kibana role appends it automatically. | ||
wazuh_version: 4.4.0 | ||
|
||
######################################################## | ||
# General ELK stack variables | ||
|
||
# Xpack Security: autogenerate CA | ||
generate_CA: true | ||
filebeat_xpack_security: true | ||
kibana_xpack_security: true | ||
elasticsearch_xpack_security: true | ||
elasticsearch_xpack_security_user: elastic | ||
elasticsearch_xpack_security_password: elastic_pass |
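Review bot: `elasticsearch_xpack_security_password: elastic_pass` commits a fixed password for the built-in `elastic` user right next to `elasticsearch_xpack_security: true`, and nothing in the file marks it as a throwaway test value. The same pattern recurs in the OpenDistro variables file later in this commit (`opendistro_kibana_password: changeme`, `opendistro_security_password: admin`, `opendistro_admin_password: changeme`). If these files are only fixtures for disposable test hosts, which the page suggests but does not show for this file, say so with a comment such as `# Test-only credential for throwaway scenario hosts; never reuse outside CI`. Alternatively read the value from the environment, e.g. `"{{ lookup('env', 'ELASTIC_TEST_PASSWORD') }}"` (variable name illustrative), so a copied vars file does not carry a known password into a real deployment.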
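--- a/molecule/distributed-wazuh-elk-xpack/tests/test_default.py
+++ b/molecule/distributed-wazuh-elk-xpack/tests/test_default.py
@@ -0,0 +1,64 @@
+import os
+import pytest
+import testinfra.utils.ansible_runner
+
+testinfra_hosts = testinfra.utils.ansible_runner.AnsibleRunner(
+os.environ['MOLECULE_INVENTORY_FILE']).get_hosts('all')
+
+
+def get_wazuh_version():
+"""This return the version of Wazuh."""
+return "4.4.0"
+
+
+def test_wazuh_packages_are_installed(host):
+"""Test the main packages are installed."""
+manager = host.package("wazuh-manager")
+assert manager.is_installed
+assert manager.version.startswith(get_wazuh_version())
+
+
+def test_wazuh_services_are_running(host):
+"""Test the services are enabled and running.
+When assert commands are commented, this means that the service command has
+a wrong exit code: https://github.com/wazuh/wazuh-ansible/issues/107
+"""
+# This currently doesn't work with out current Docker base images
+# manager = host.service("wazuh-manager")
+# api = host.service("wazuh-api")
+# assert manager.is_running
+# assert api.is_running
+output = host.check_output(
+'ps aux | grep ossec | tr -s " " | cut -d" " -f11'
+)
+assert 'ossec-authd' in output
+assert 'wazuh-modulesd' in output
+assert 'wazuh-db' in output
+assert 'ossec-execd' in output
+assert 'ossec-monitord' in output
+assert 'ossec-remoted' in output
+assert 'ossec-logcollector' in output
+assert 'ossec-analysisd' in output
+assert 'ossec-syscheckd' in output
+
+
+@pytest.mark.parametrize("wazuh_file, wazuh_owner, wazuh_group, wazuh_mode", [
+("/var/ossec/etc/sslmanager.cert", "root", "root", 0o640),
+("/var/ossec/etc/sslmanager.key", "root", "root", 0o640),
+("/var/ossec/etc/rules/local_rules.xml", "wazuh", "wazuh", 0o640),
+("/var/ossec/etc/lists/audit-keys", "wazuh", "wazuh", 0o660),
+])
+def test_wazuh_files(host, wazuh_file, wazuh_owner, wazuh_group, wazuh_mode):
+"""Test Wazuh related files exist and have proper owners and mode."""
+wazuh_file_host = host.file(wazuh_file)
+assert wazuh_file_host.user == wazuh_owner
+assert wazuh_file_host.group == wazuh_group
+assert wazuh_file_host.mode == wazuh_mode
+
+
+def test_filebeat_is_installed(host):
+"""Test the elasticsearch package is installed."""
+filebeat = host.package("filebeat")
+assert filebeat.is_installed
+assert filebeat.version.startswith('7.10.2')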
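Review bot: The daemon checks in `test_wazuh_services_are_running` assert `ossec-*` process names (`'ossec-authd'`, `'ossec-analysisd'`, `'ossec-syscheckd'` and the others) while `get_wazuh_version()` pins 4.4.0; as far as I know Wazuh 4.2 and later ship these daemons under `wazuh-` names, so the substring checks would fail on the version under test, which should be confirmed against the image. This is the only live check that the enrollment, analysis and integrity-monitoring daemons are up, since the `host.service(...)` assertions above it are already commented out, so a stale name list risks ending with the whole test disabled. If the rename applies, each check becomes e.g. `assert 'wazuh-authd' in output`. Separately, the docstring of `test_filebeat_is_installed` says "elasticsearch package"; `"""Test the filebeat package is installed at the pinned version."""` would match the body.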
@@ -0,0 +1,23 @@ | ||
--- | ||
|
||
######################################################## | ||
# Helper variables | ||
private_ip: '{{ ansible_default_ipv4.address }}' | ||
|
||
managers_hostvars: "{{ groups['managers'] | map('extract', hostvars) | list }}" | ||
elastic_hostvars: "{{ groups['elastic'] | map('extract', hostvars) | list }}" | ||
|
||
manager_addresses: "{{ managers_hostvars | map(attribute='private_ip') | list }}" | ||
elastic_addresses: "{{ elastic_hostvars | map(attribute='private_ip') | list }}" | ||
|
||
######################################################## | ||
# Versions | ||
elastic_stack_version: 7.10.2 | ||
filebeat_version: 7.10.2 | ||
|
||
# Debian packages need the ${VERSION}-1 | ||
wazuh_manager_version: 4.4.0-1 | ||
wazuh_agent_version: 4.4.0-1 | ||
|
||
# Kibana role appends it automatically. | ||
wazuh_version: 4.4.0 |
@@ -0,0 +1,47 @@ | ||
--- | ||
|
||
######################################################## | ||
# Helper variables | ||
private_ip: '{{ ansible_default_ipv4.address }}' | ||
|
||
managers_hostvars: "{{ groups['managers'] | map('extract', hostvars) | list }}" | ||
elastic_hostvars: "{{ groups['elastic'] | map('extract', hostvars) | list }}" | ||
kibana_hostvars: "{{ groups['kibana'] | map('extract', hostvars) | list }}" | ||
|
||
manager_addresses: "{{ managers_hostvars | map(attribute='private_ip') | list }}" | ||
elastic_addresses: "{{ elastic_hostvars | map(attribute='private_ip') | list }}" | ||
kibana_addresses: "{{ kibana_hostvars | map(attribute='private_ip') | list }}" | ||
|
||
######################################################## | ||
# General ELK stack variables | ||
|
||
# OpenDistro | ||
kibana_opendistro_security: true | ||
|
||
opendistro_kibana_user: kibanaserver | ||
opendistro_security_user: elastic | ||
|
||
opendistro_kibana_password: changeme | ||
opendistro_security_password: admin | ||
opendistro_admin_password: changeme | ||
|
||
# All nodes are called by IP name | ||
elasticsearch_node_name: '{{ ansible_hostname }}' | ||
kibana_node_name: '{{ ansible_hostname }}' | ||
filebeat_node_name: '{{ ansible_hostname }}' | ||
|
||
######################################################## | ||
# Versions | ||
# See: https://opendistro.github.io/for-elasticsearch-docs/version-history/ | ||
|
||
elastic_stack_version: 7.10.2 | ||
opendistro_version: 1.13.2 | ||
filebeat_version: 7.10.2 | ||
kibana_opendistro_version: 1.13.2-1 | ||
|
||
# Debian packages need the ${VERSION}-1 | ||
wazuh_manager_version: 4.4.0-1 | ||
wazuh_agent_version: 4.4.0-1 | ||
|
||
# Kibana role appends it automatically. | ||
wazuh_version: 4.4.0 |
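Review bot: The comment `# All nodes are called by IP name` does not match the three values below it, which all use `'{{ ansible_hostname }}'` rather than the `private_ip` helper defined at the top of the file. Node names often feed certificate subjects and cluster membership settings (not visible here, so unverified for these roles), which makes a wrong description of the naming scheme easy to trip over when debugging TLS or discovery failures. The comment should state what is actually used, for example `# Node names are taken from each host's short hostname (ansible_hostname)`.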