-
Notifications
You must be signed in to change notification settings - Fork 357
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Changed API configuration step in offline documentation #7234
Changed API configuration step in offline documentation #7234
Conversation
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
And what about all the user administration documents? For example password management document or the Google SSO as administrator
wazuh-documentation/source/user-manual/user-administration/password-management.rst
Line 243 in bed6341
url: https://localhost wazuh-documentation/source/user-manual/user-administration/single-sign-on/administrator/google.rst
Line 253 in bed6341
url: https://localhost
same for LDAP occurrences. Or for example these lines?
url: https://localhost url: https://localhost
@@ -444,14 +444,14 @@ Installing the Wazuh dashboard | |||
|
|||
.. include:: /_templates/installations/dashboard/enable_dashboard.rst | |||
|
|||
#. **Only for distributed deployments**: Edit the file ``/usr/share/wazuh-dashboard/data/wazuh/config/wazuh.yml`` and replace the ``url`` value with the IP address or hostname of the Wazuh server master node. | |||
#. Edit the file ``/usr/share/wazuh-dashboard/data/wazuh/config/wazuh.yml`` and replace the ``url`` value with the IP address or hostname of the Wazuh server master node. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
#. Edit the file ``/usr/share/wazuh-dashboard/data/wazuh/config/wazuh.yml`` and replace the ``url`` value with the IP address or hostname of the Wazuh server master node. | |
#. Edit the file ``/usr/share/wazuh-dashboard/data/wazuh/config/wazuh.yml`` and replace the ``url`` value with the IP address or hostname of the Wazuh server master node. |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done
|
||
.. code-block:: yaml | ||
:emphasize-lines: 3 | ||
|
||
hosts: | ||
- default: | ||
url: https://localhost | ||
url: https://<wazuh_server_ip> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
url: https://<wazuh_server_ip> | |
url: https://<WAZUH_SERVER_IP_ADDRESS> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
We use uppercase and underscores for placeholders.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done
@@ -463,7 +463,7 @@ Installing the Wazuh dashboard | |||
|
|||
#. Access the web interface. | |||
|
|||
- URL: *https://<wazuh_server_ip>* | |||
- URL: *https://<wazuh_dashboard_ip>* |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
- URL: *https://<wazuh_dashboard_ip>* | |
- URL: *https://<WAZUH_DASHBOARD_IP_ADDRESS>* |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done
@@ -99,20 +99,20 @@ Starting the Wazuh dashboard service | |||
.. include:: /_templates/installations/dashboard/enable_dashboard.rst | |||
|
|||
|
|||
**Only for distributed deployments** | |||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done
@@ -99,20 +99,20 @@ Starting the Wazuh dashboard service | |||
.. include:: /_templates/installations/dashboard/enable_dashboard.rst | |||
|
|||
|
|||
**Only for distributed deployments** | |||
|
|||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done
@@ -99,20 +99,20 @@ Starting the Wazuh dashboard service | |||
.. include:: /_templates/installations/dashboard/enable_dashboard.rst | |||
|
|||
|
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done
run_as: false | ||
hosts: | ||
- default: | ||
url: https://<wazuh_server_ip> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
url: https://<wazuh_server_ip> | |
url: https://<WAZUH_SERVER_IP_ADDRESS> |
There was a problem hiding this comment.
Choose a reason for hiding this comment
The reason will be displayed to describe this comment to others. Learn more.
Done
Changes of
Show log[root@ip-172-31-36-140 ec2-user]# bash wazuh-install.sh -dw rpm
30/04/2024 16:29:19 INFO: Starting Wazuh installation assistant. Wazuh version: 4.8.0
30/04/2024 16:29:19 INFO: Verbose logging redirected to /var/log/wazuh-install.log
30/04/2024 16:29:22 INFO: Verifying that your system meets the recommended minimum hardware requirements.
30/04/2024 16:29:28 INFO: --- Download Packages ---
30/04/2024 16:29:28 INFO: Starting Wazuh packages download.
30/04/2024 16:29:28 INFO: Downloading Wazuh rpm packages for x86_64.
30/04/2024 16:29:33 INFO: The manager package was downloaded.
30/04/2024 16:29:34 INFO: The filebeat package was downloaded.
30/04/2024 16:29:44 INFO: The indexer package was downloaded.
30/04/2024 16:29:49 INFO: The dashboard package was downloaded.
30/04/2024 16:29:49 INFO: The packages are in wazuh-offline/wazuh-packages
30/04/2024 16:29:49 INFO: Downloading configuration files and assets.
30/04/2024 16:29:49 INFO: The resource https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH was downloaded.
30/04/2024 16:29:50 INFO: The resource https://packages-dev.wazuh.com/4.8/tpl/wazuh/filebeat/filebeat.yml was downloaded.
30/04/2024 16:29:50 INFO: The resource https://raw.githubusercontent.com/wazuh/wazuh/4.8.0/extensions/elasticsearch/7.x/wazuh-template.json was downloaded.
30/04/2024 16:29:50 INFO: The resource https://packages-dev.wazuh.com/pre-release/filebeat/wazuh-filebeat-0.4.tar.gz was downloaded.
30/04/2024 16:29:50 INFO: The configuration files and assets are in wazuh-offline.tar.gz
30/04/2024 16:31:01 INFO: You can follow the installation guide here https://documentation.wazuh.com/current/deployment-options/offline-installation.html
[root@ip-172-31-36-140 ec2-user]# curl -sO https://packages-dev.wazuh.com/4.8/config.yml
[root@ip-172-31-36-140 ec2-user]# nano config.yml
[root@ip-172-31-36-140 ec2-user]# curl -sO https://packages-dev.wazuh.com/4.8/wazuh-certs-tool.sh
[root@ip-172-31-36-140 ec2-user]# bash wazuh-certs-tool.sh --all
30/04/2024 16:32:42 INFO: Generating the root certificate.
30/04/2024 16:32:42 INFO: Generating Admin certificates.
30/04/2024 16:32:42 INFO: Admin certificates created.
30/04/2024 16:32:42 INFO: Generating Wazuh indexer certificates.
30/04/2024 16:32:43 INFO: Wazuh indexer certificates created.
30/04/2024 16:32:43 INFO: Generating Filebeat certificates.
30/04/2024 16:32:43 INFO: Wazuh Filebeat certificates created.
30/04/2024 16:32:43 INFO: Generating Wazuh dashboard certificates.
30/04/2024 16:32:43 INFO: Wazuh dashboard certificates created.
[root@ip-172-31-36-140 ec2-user]# tar xf wazuh-offline.tar.gz
[root@ip-172-31-36-140 ec2-user]# rpm --import ./wazuh-offline/wazuh-files/GPG-KEY-WAZUH
[root@ip-172-31-36-140 ec2-user]# rpm -ivh ./wazuh-offline/wazuh-packages/wazuh-indexer*.rpm
Preparing... ################################# [100%]
Updating / installing...
1:wazuh-indexer-4.8.0-1 ################################# [100%]
Created opensearch keystore in /etc/wazuh-indexer/opensearch.keystore
[root@ip-172-31-36-140 ec2-user]# NODE_NAME=node-1
[root@ip-172-31-36-140 ec2-user]# mkdir /etc/wazuh-indexer/certs
[root@ip-172-31-36-140 ec2-user]# mv -n wazuh-certificates/$NODE_NAME.pem /etc/wazuh-indexer/certs/indexer.pem
[root@ip-172-31-36-140 ec2-user]# mv -n wazuh-certificates/$NODE_NAME-key.pem /etc/wazuh-indexer/certs/indexer-key.pem
[root@ip-172-31-36-140 ec2-user]# mv wazuh-certificates/admin-key.pem /etc/wazuh-indexer/certs/
[root@ip-172-31-36-140 ec2-user]# mv wazuh-certificates/admin.pem /etc/wazuh-indexer/certs/
[root@ip-172-31-36-140 ec2-user]# cp wazuh-certificates/root-ca.pem /etc/wazuh-indexer/certs/
[root@ip-172-31-36-140 ec2-user]# chmod 500 /etc/wazuh-indexer/certs
[root@ip-172-31-36-140 ec2-user]# chmod 400 /etc/wazuh-indexer/certs/*
[root@ip-172-31-36-140 ec2-user]# chown -R wazuh-indexer:wazuh-indexer /etc/wazuh-indexer/certs
[root@ip-172-31-36-140 ec2-user]# nano /etc/wazuh-indexer/opensearch.yml
[root@ip-172-31-36-140 ec2-user]# systemctl daemon-reload
[root@ip-172-31-36-140 ec2-user]# systemctl enable wazuh-indexer
Created symlink from /etc/systemd/system/multi-user.target.wants/wazuh-indexer.service to /usr/lib/systemd/system/wazuh-indexer.service.
[root@ip-172-31-36-140 ec2-user]# systemctl start wazuh-indexer
[root@ip-172-31-36-140 ec2-user]# /usr/share/wazuh-indexer/bin/indexer-security-init.sh
**************************************************************************
** This tool will be deprecated in the next major release of OpenSearch **
** https://github.com/opensearch-project/security/issues/1755 **
**************************************************************************
Security Admin v7
Will connect to 127.0.0.1:9200 ... done
Connected as "CN=admin,OU=Wazuh,O=Wazuh,L=California,C=US"
OpenSearch Version: 2.10.0
Contacting opensearch cluster 'opensearch' and wait for YELLOW clusterstate ...
Clustername: wazuh-cluster
Clusterstate: GREEN
Number of nodes: 1
Number of data nodes: 1
.opendistro_security index does not exists, attempt to create it ... done (0-all replicas)
Populate config from /etc/wazuh-indexer/opensearch-security/
Will update '/config' with /etc/wazuh-indexer/opensearch-security/config.yml
SUCC: Configuration for 'config' created or updated
Will update '/roles' with /etc/wazuh-indexer/opensearch-security/roles.yml
SUCC: Configuration for 'roles' created or updated
Will update '/rolesmapping' with /etc/wazuh-indexer/opensearch-security/roles_mapping.yml
SUCC: Configuration for 'rolesmapping' created or updated
Will update '/internalusers' with /etc/wazuh-indexer/opensearch-security/internal_users.yml
SUCC: Configuration for 'internalusers' created or updated
Will update '/actiongroups' with /etc/wazuh-indexer/opensearch-security/action_groups.yml
SUCC: Configuration for 'actiongroups' created or updated
Will update '/tenants' with /etc/wazuh-indexer/opensearch-security/tenants.yml
SUCC: Configuration for 'tenants' created or updated
Will update '/nodesdn' with /etc/wazuh-indexer/opensearch-security/nodes_dn.yml
SUCC: Configuration for 'nodesdn' created or updated
Will update '/whitelist' with /etc/wazuh-indexer/opensearch-security/whitelist.yml
SUCC: Configuration for 'whitelist' created or updated
Will update '/audit' with /etc/wazuh-indexer/opensearch-security/audit.yml
SUCC: Configuration for 'audit' created or updated
Will update '/allowlist' with /etc/wazuh-indexer/opensearch-security/allowlist.yml
SUCC: Configuration for 'allowlist' created or updated
SUCC: Expected 10 config types for node {"updated_config_types":["allowlist","tenants","rolesmapping","nodesdn","audit","roles","whitelist","internalusers","actiongroups","config"],"updated_config_size":10,"message":null} is 10 (["allowlist","tenants","rolesmapping","nodesdn","audit","roles","whitelist","internalusers","actiongroups","config"]) due to: null
Done with success
[root@ip-172-31-36-140 ec2-user]# curl -XGET https://127.0.0.1:9200 -u admin:admin -k
{
"name" : "node-1",
"cluster_name" : "wazuh-cluster",
"cluster_uuid" : "hiJYvQy-R02Jk9jZn76R-Q",
"version" : {
"number" : "7.10.2",
"build_type" : "rpm",
"build_hash" : "eee49cb340edc6c4d489bcd9324dda571fc8dc03",
"build_date" : "2023-09-20T23:54:29.889267151Z",
"build_snapshot" : false,
"lucene_version" : "9.7.0",
"minimum_wire_compatibility_version" : "7.10.0",
"minimum_index_compatibility_version" : "7.0.0"
},
"tagline" : "The OpenSearch Project: https://opensearch.org/"
}
[root@ip-172-31-36-140 ec2-user]# curl -XGET https://localhost:9200 -u admin:admin -k
{
"name" : "node-1",
"cluster_name" : "wazuh-cluster",
"cluster_uuid" : "hiJYvQy-R02Jk9jZn76R-Q",
"version" : {
"number" : "7.10.2",
"build_type" : "rpm",
"build_hash" : "eee49cb340edc6c4d489bcd9324dda571fc8dc03",
"build_date" : "2023-09-20T23:54:29.889267151Z",
"build_snapshot" : false,
"lucene_version" : "9.7.0",
"minimum_wire_compatibility_version" : "7.10.0",
"minimum_index_compatibility_version" : "7.0.0"
},
"tagline" : "The OpenSearch Project: https://opensearch.org/"
}
[root@ip-172-31-36-140 ec2-user]# rpm --import ./wazuh-offline/wazuh-files/GPG-KEY-WAZUH
[root@ip-172-31-36-140 ec2-user]# rpm -ivh ./wazuh-offline/wazuh-packages/wazuh-manager*.rpm
Preparing... ################################# [100%]
Updating / installing...
1:wazuh-manager-4.8.0-1 ################################# [100%]
[root@ip-172-31-36-140 ec2-user]# /var/ossec/bin/wazuh-keystore -f indexer ^C password -v admin
[root@ip-172-31-36-140 ec2-user]# /var/ossec/bin/wazuh-keystore -f indexer -k username -v admin
[root@ip-172-31-36-140 ec2-user]# /var/ossec/bin/wazuh-keystore -f indexer -k password -v admin
[root@ip-172-31-36-140 ec2-user]# systemctl daemon-reload
[root@ip-172-31-36-140 ec2-user]# systemctl enable wazuh-manager
Created symlink from /etc/systemd/system/multi-user.target.wants/wazuh-manager.service to /usr/lib/systemd/system/wazuh-manager.service.
[root@ip-172-31-36-140 ec2-user]# systemctl start wazuh-manager
[root@ip-172-31-36-140 ec2-user]# rpm -ivh ./wazuh-offline/wazuh-packages/filebeat*.rpm
Preparing... ################################# [100%]
Updating / installing...
1:filebeat-7.10.2-1 ################################# [100%]
[root@ip-172-31-36-140 ec2-user]# cp ./wazuh-offline/wazuh-files/filebeat.yml /etc/filebeat/ &&\
> cp ./wazuh-offline/wazuh-files/wazuh-template.json /etc/filebeat/ &&\
> chmod go+r /etc/filebeat/wazuh-template.json
cp: overwrite ‘/etc/filebeat/filebeat.yml’? y
[root@ip-172-31-36-140 ec2-user]# nano /etc/filebeat/filebeat.yml
[root@ip-172-31-36-140 ec2-user]# filebeat keystore create
Created filebeat keystore
[root@ip-172-31-36-140 ec2-user]# echo admin | filebeat keystore add username --stdin --force
Successfully updated the keystore
[root@ip-172-31-36-140 ec2-user]# echo admin | filebeat keystore add password --stdin --force
Successfully updated the keystore
[root@ip-172-31-36-140 ec2-user]# tar -xzf ./wazuh-offline/wazuh-files/wazuh-filebeat-0.4.tar.gz -C /usr/share/filebeat/module
[root@ip-172-31-36-140 ec2-user]# NODE_NAME=wazuh-1
[root@ip-172-31-36-140 ec2-user]# mkdir /etc/filebeat/certs
[root@ip-172-31-36-140 ec2-user]# mv -n wazuh-certificates/$NODE_NAME.pem /etc/filebeat/certs/filebeat.pem
[root@ip-172-31-36-140 ec2-user]# mv -n wazuh-certificates/$NODE_NAME-key.pem /etc/filebeat/certs/filebeat-key.pem
[root@ip-172-31-36-140 ec2-user]# cp wazuh-certificates/root-ca.pem /etc/filebeat/certs/
[root@ip-172-31-36-140 ec2-user]# chmod 500 /etc/filebeat/certs
[root@ip-172-31-36-140 ec2-user]# chmod 400 /etc/filebeat/certs/*
[root@ip-172-31-36-140 ec2-user]# chown -R root:root /etc/filebeat/certs
[root@ip-172-31-36-140 ec2-user]# systemctl daemon-reload
[root@ip-172-31-36-140 ec2-user]# systemctl enable filebeat
Created symlink from /etc/systemd/system/multi-user.target.wants/filebeat.service to /usr/lib/systemd/system/filebeat.service.
[root@ip-172-31-36-140 ec2-user]# systemctl start filebeat
[root@ip-172-31-36-140 ec2-user]# filebeat test output
elasticsearch: https://127.0.0.1:9200...
parse url... OK
connection...
parse host... OK
dns lookup... OK
addresses: 127.0.0.1
dial up... OK
TLS...
security: server's certificate chain verification is enabled
handshake... OK
TLS version: TLSv1.3
dial up... OK
talk to server... OK
version: 7.10.2
[root@ip-172-31-36-140 ec2-user]# rpm --import ./wazuh-offline/wazuh-files/GPG-KEY-WAZUH
[root@ip-172-31-36-140 ec2-user]# rpm -ivh ./wazuh-offline/wazuh-packages/wazuh-dashboard*.rpm
Preparing... ################################# [100%]
Updating / installing...
1:wazuh-dashboard-4.8.0-1 ################################# [100%]
[root@ip-172-31-36-140 ec2-user]# NODE_NAME=dashboard
[root@ip-172-31-36-140 ec2-user]# mkdir /etc/wazuh-dashboard/certs
[root@ip-172-31-36-140 ec2-user]# mv -n wazuh-certificates/$NODE_NAME.pem /etc/wazuh-dashboard/certs/dashboard.pem
[root@ip-172-31-36-140 ec2-user]# mv -n wazuh-certificates/$NODE_NAME-key.pem /etc/wazuh-dashboard/certs/dashboard-key.pem
[root@ip-172-31-36-140 ec2-user]# cp wazuh-certificates/root-ca.pem /etc/wazuh-dashboard/certs/
[root@ip-172-31-36-140 ec2-user]# chmod 500 /etc/wazuh-dashboard/certs
[root@ip-172-31-36-140 ec2-user]# chmod 400 /etc/wazuh-dashboard/certs/*
[root@ip-172-31-36-140 ec2-user]# chown -R wazuh-dashboard:wazuh-dashboard /etc/wazuh-dashboard/certs
[root@ip-172-31-36-140 ec2-user]# nano /etc/wazuh-dashboard/opensearch_dashboards.yml
[root@ip-172-31-36-140 ec2-user]# systemctl daemon-reload
[root@ip-172-31-36-140 ec2-user]# systemctl enable wazuh-dashboard
Created symlink from /etc/systemd/system/multi-user.target.wants/wazuh-dashboard.service to /etc/systemd/system/wazuh-dashboard.service.
[root@ip-172-31-36-140 ec2-user]# systemctl start wazuh-dashboard
[root@ip-172-31-36-140 ec2-user]# nano /usr/share/wazuh-dashboard/data/wazuh/config/wazuh.yml
[root@ip-172-31-36-140 ec2-user]# curl -u wazuh-wui:wazuh-wui -k -X GET "https://127.0.0.1:55000/security/user/authenticate?raw=true"
eyJhbGciOiJFUzUxMiIsInR5cCI6IkpXVCJ9.eyJpc3MiOiJ3YXp1aCIsImF1ZCI6IldhenVoIEFQSSBSRVNUIiwibmJmIjoxNzE0NDk1Nzk3LCJleHAiOjE3MTQ0OTY2OTcsInN1YiI6IndhenVoLXd1aSIsInJ1bl9hcyI6ZmFsc2UsInJiYWNfcm9sZXMiOlsxXSwicmJhY19tb2RlIjoid2hpdGUifQ.AG6kZBmP79GsYbbszxRq0TDWVSu7iLoyZ3GApQ6Unjsc1_NMEBmRpvYRLLH5hYDZmXydd2iV3MpXktwncBXmOcX9Ad1WWVyCVIth8V_G46rriPAP56lQ06Rmi57ZqEeqFCssH0bj1mu61LeYMnGxeg5SkF7kQNTKjuH8mWwujRLuGZSF[root@ip-172-31-36-140 ec2-user]# |
Description
Closes: #7225
The aim of this to change the
localhost
value of the/usr/share/wazuh-dashboard/data/wazuh/config/wazuh.yml
file of the Wazuh offline documentation and the Step-by-step documentation of the Wazuh dashboard installation.This change is done because we do not support the
localhost
value in that file due to wazuh/wazuh-packages#2771. This also implies to remove theOnly for distributed deployments
note.Also, I flxed a typo in the Offline documentation.
Checks
Docs building
Code formatting and web optimization
redirects.js
script if necessary (check this guide).Writing style
code
font for Bash commands, file names, REST paths, and code.