Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add a post-install validation for Wazuh manager and Filebeat in the WIA #2786

Closed
2 tasks
c-bordon opened this issue Jan 18, 2024 · 2 comments · Fixed by #3059
Closed
2 tasks

Add a post-install validation for Wazuh manager and Filebeat in the WIA #2786

c-bordon opened this issue Jan 18, 2024 · 2 comments · Fixed by #3059
Assignees
@vcerenu
Labels
level/task Subtask issue type/enhancement Enhancement issue

Comments

@c-bordon
Copy link
Member

Description

We must add validation that the Wazuh manager and Filebeat services have started correctly after installation and before continuing with the rest of the installation. Similar to what exists for Wazuh indexer and Wazuh dashboard

Tasks

  • Add methods to validate that these two services are started and working correctly

Validation

  • Validate that the methods interrupt the installation in the case where these components are not started correctly
@c-bordon c-bordon added level/task Subtask issue type/enhancement Enhancement issue labels Jan 18, 2024
@c-bordon c-bordon assigned c-bordon and unassigned c-bordon May 21, 2024
@teddytpc1 teddytpc1 mentioned this issue Jun 27, 2024
Closed
@wazuhci wazuhci moved this to Backlog in Release 4.10.0 Jun 27, 2024
@vcerenu vcerenu self-assigned this Jul 12, 2024
@wazuhci wazuhci moved this from Backlog to In progress in Release 4.10.0 Jul 12, 2024
@wazuhci wazuhci moved this from In progress to On hold in Release 4.10.0 Jul 16, 2024
@wazuhci wazuhci moved this from On hold to In progress in Release 4.10.0 Jul 23, 2024
@vcerenu
Copy link
Member

vcerenu commented Jul 24, 2024

I have been reviewing the current code of the Installation assistant and checking what modifications the current functions require to add the checks for both services.

@vcerenu
Copy link
Member

vcerenu commented Jul 26, 2024

A check was added to the Wazuh manager for the API, also checking that it does not contain errors.
Regarding Filebeat, it was checked that the filebeat test output command does not generate errors

A test installation was performed using the v4.8.0 sources so that the components of the Wazuh stack can be installed:

All in one

# bash ./wazuh-install.sh -a
26/07/2024 14:17:08 INFO: Starting Wazuh installation assistant. Wazuh version: 4.8.0
26/07/2024 14:17:08 INFO: Verbose logging redirected to /var/log/wazuh-install.log
26/07/2024 14:17:10 INFO: Verifying that your system meets the recommended minimum hardware requirements.
26/07/2024 14:17:19 INFO: Wazuh web interface port will be 443.
26/07/2024 14:17:27 INFO: Wazuh repository added.
26/07/2024 14:17:27 INFO: --- Configuration files ---
26/07/2024 14:17:27 INFO: Generating configuration files.
26/07/2024 14:17:27 INFO: Generating the root certificate.
26/07/2024 14:17:27 INFO: Generating Admin certificates.
26/07/2024 14:17:28 INFO: Generating Wazuh indexer certificates.
26/07/2024 14:17:28 INFO: Generating Filebeat certificates.
26/07/2024 14:17:28 INFO: Generating Wazuh dashboard certificates.
26/07/2024 14:17:29 INFO: Created wazuh-install-files.tar. It contains the Wazuh cluster key, certificates, and passwords necessary for installation.
26/07/2024 14:17:29 INFO: --- Wazuh indexer ---
26/07/2024 14:17:29 INFO: Starting Wazuh indexer installation.
26/07/2024 14:18:30 INFO: Wazuh indexer installation finished.
26/07/2024 14:18:30 INFO: Wazuh indexer post-install configuration finished.
26/07/2024 14:18:30 INFO: Starting service wazuh-indexer.
26/07/2024 14:18:51 INFO: wazuh-indexer service started.
26/07/2024 14:18:51 INFO: Initializing Wazuh indexer cluster security settings.
26/07/2024 14:19:01 INFO: Wazuh indexer cluster security configuration initialized.
26/07/2024 14:19:01 INFO: Wazuh indexer cluster initialized.
26/07/2024 14:19:01 INFO: --- Wazuh server ---
26/07/2024 14:19:01 INFO: Starting the Wazuh manager installation.
26/07/2024 14:21:02 INFO: Wazuh manager installation finished.
26/07/2024 14:21:02 INFO: Wazuh manager vulnerability detection configuration finished.
26/07/2024 14:21:02 INFO: Starting service wazuh-manager.
26/07/2024 14:21:20 INFO: wazuh-manager service started.
26/07/2024 14:21:20 INFO: Checking Wazuh API connection
26/07/2024 14:21:26 INFO: Wazuh API connection successful
26/07/2024 14:21:26 INFO: End Wazuh API connection
26/07/2024 14:21:26 INFO: Starting Filebeat installation.
26/07/2024 14:21:36 INFO: Filebeat installation finished.
26/07/2024 14:21:38 INFO: Filebeat post-install configuration finished.
26/07/2024 14:21:38 INFO: Starting service filebeat.
26/07/2024 14:21:40 INFO: filebeat service started.
26/07/2024 14:21:40 INFO: Checking Filebeat connection
26/07/2024 14:21:40 INFO: Filebeat connection successful
26/07/2024 14:21:41 INFO: --- Wazuh dashboard ---
26/07/2024 14:21:41 INFO: Starting Wazuh dashboard installation.
26/07/2024 14:24:49 INFO: Wazuh dashboard installation finished.
26/07/2024 14:24:49 INFO: Wazuh dashboard post-install configuration finished.
26/07/2024 14:24:49 INFO: Starting service wazuh-dashboard.
26/07/2024 14:24:49 INFO: wazuh-dashboard service started.
26/07/2024 14:24:52 INFO: Updating the internal users.
26/07/2024 14:25:03 INFO: A backup of the internal users has been saved in the /etc/wazuh-indexer/internalusers-backup folder.
26/07/2024 14:25:50 INFO: Initializing Wazuh dashboard web application.
26/07/2024 14:25:52 INFO: Wazuh dashboard web application initialized.
26/07/2024 14:25:52 INFO: --- Summary ---
26/07/2024 14:25:52 INFO: You can access the web interface https://<wazuh-dashboard-ip>:443
    User: admin
    Password: GanzeZO9nOjbUHQRs5wbFGZml8Qef*4T
26/07/2024 14:25:52 INFO: Installation finished.

All in one - Verbose mode

# bash ./wazuh-install.sh -a -v
26/07/2024 12:52:30 DEBUG: Checking root permissions.
26/07/2024 12:52:30 DEBUG: Checking sudo package.
26/07/2024 12:52:30 INFO: Starting Wazuh installation assistant. Wazuh version: 4.8.0
26/07/2024 12:52:30 INFO: Verbose logging redirected to /var/log/wazuh-install.log
26/07/2024 12:52:30 DEBUG: APT package manager will be used.
26/07/2024 12:52:30 DEBUG: Checking system distribution.
26/07/2024 12:52:31 DEBUG: Detected distribution name: ubuntu
26/07/2024 12:52:31 DEBUG: Detected distribution version: 22
26/07/2024 12:52:31 DEBUG: Checking Wazuh installation.
26/07/2024 12:52:32 DEBUG: Checking system architecture.
26/07/2024 12:52:32 INFO: Verifying that your system meets the recommended minimum hardware requirements.
26/07/2024 12:52:32 DEBUG: CPU cores detected: 4
26/07/2024 12:52:32 DEBUG: Free RAM memory detected: 4913
26/07/2024 12:52:32 DEBUG: Installing check dependencies.
Hit:1 https://mirrors.edge.kernel.org/ubuntu jammy InRelease
Get:2 https://mirrors.edge.kernel.org/ubuntu jammy-updates InRelease [128 kB]
Hit:3 https://mirrors.edge.kernel.org/ubuntu jammy-backports InRelease
Get:4 https://mirrors.edge.kernel.org/ubuntu jammy-security InRelease [129 kB]
Fetched 257 kB in 5s (57.0 kB/s)
Reading package lists...
26/07/2024 12:52:40 INFO: Wazuh web interface port will be 443.
26/07/2024 12:52:40 DEBUG: Checking ports availability.
26/07/2024 12:52:41 DEBUG: Installing prerequisites dependencies.
Hit:1 https://mirrors.edge.kernel.org/ubuntu jammy InRelease
Hit:2 https://mirrors.edge.kernel.org/ubuntu jammy-updates InRelease
Hit:3 https://mirrors.edge.kernel.org/ubuntu jammy-backports InRelease
Hit:4 https://mirrors.edge.kernel.org/ubuntu jammy-security InRelease
Reading package lists...
26/07/2024 12:52:45 DEBUG: Checking curl tool version.
26/07/2024 12:52:45 DEBUG: Adding the Wazuh repository.
gpg: keyring '/usr/share/keyrings/wazuh.gpg' created
gpg: key 96B3EE5F29111145: public key "Wazuh.com (Wazuh Signing Key) <[email protected]>" imported
gpg: Total number processed: 1
gpg:               imported: 1
deb [signed-by=/usr/share/keyrings/wazuh.gpg] https://packages.wazuh.com/4.x/apt/ stable main
Hit:1 https://mirrors.edge.kernel.org/ubuntu jammy InRelease
Hit:2 https://mirrors.edge.kernel.org/ubuntu jammy-updates InRelease
Get:3 https://packages.wazuh.com/4.x/apt stable InRelease [17.3 kB]
Hit:4 https://mirrors.edge.kernel.org/ubuntu jammy-backports InRelease
Hit:5 https://mirrors.edge.kernel.org/ubuntu jammy-security InRelease
Get:6 https://packages.wazuh.com/4.x/apt stable/main amd64 Packages [42.1 kB]
Fetched 59.4 kB in 2s (31.5 kB/s)
Reading package lists...
26/07/2024 12:52:49 INFO: Wazuh repository added.
26/07/2024 12:52:49 INFO: --- Configuration files ---
26/07/2024 12:52:49 INFO: Generating configuration files.
26/07/2024 12:52:49 DEBUG: Creating Wazuh certificates.
26/07/2024 12:52:49 DEBUG: Reading configuration file.
26/07/2024 12:52:49 DEBUG: Checking if 127.0.0.1 is private.
26/07/2024 12:52:49 DEBUG: Checking if 127.0.0.1 is private.
26/07/2024 12:52:49 DEBUG: Checking if 127.0.0.1 is private.
26/07/2024 12:52:49 INFO: Generating the root certificate.
26/07/2024 12:52:49 INFO: Generating Admin certificates.
26/07/2024 12:52:49 DEBUG: Generating Admin private key.
26/07/2024 12:52:49 DEBUG: Converting Admin private key to PKCS8 format.
26/07/2024 12:52:49 DEBUG: Generating Admin CSR.
26/07/2024 12:52:49 DEBUG: Creating Admin certificate.
26/07/2024 12:52:49 INFO: Generating Wazuh indexer certificates.
26/07/2024 12:52:49 DEBUG: Creating the certificates for wazuh-indexer indexer node.
26/07/2024 12:52:49 DEBUG: Generating certificate configuration.
26/07/2024 12:52:49 DEBUG: Creating the Wazuh indexer tmp key pair.
26/07/2024 12:52:49 DEBUG: Creating the Wazuh indexer certificates.
26/07/2024 12:52:49 INFO: Generating Filebeat certificates.
26/07/2024 12:52:49 DEBUG: Generating the certificates for wazuh-server server node.
26/07/2024 12:52:49 DEBUG: Generating certificate configuration.
26/07/2024 12:52:49 DEBUG: Creating the Wazuh server tmp key pair.
26/07/2024 12:52:50 DEBUG: Creating the Wazuh server certificates.
26/07/2024 12:52:50 INFO: Generating Wazuh dashboard certificates.
26/07/2024 12:52:50 DEBUG: Generating certificate configuration.
26/07/2024 12:52:50 DEBUG: Creating the Wazuh dashboard tmp key pair.
26/07/2024 12:52:50 DEBUG: Creating the Wazuh dashboard certificates.
26/07/2024 12:52:50 DEBUG: Cleaning certificate files.
26/07/2024 12:52:50 DEBUG: Generating password file.
26/07/2024 12:52:50 DEBUG: Generating random passwords.
26/07/2024 12:52:50 INFO: Created wazuh-install-files.tar. It contains the Wazuh cluster key, certificates, and passwords necessary for installation.
26/07/2024 12:52:50 DEBUG: Extracting Wazuh configuration.
26/07/2024 12:52:50 DEBUG: Reading configuration file.
26/07/2024 12:52:51 DEBUG: Checking if 127.0.0.1 is private.
26/07/2024 12:52:51 DEBUG: Checking if 127.0.0.1 is private.
26/07/2024 12:52:51 DEBUG: Checking if 127.0.0.1 is private.
26/07/2024 12:52:51 INFO: --- Wazuh indexer ---
26/07/2024 12:52:51 INFO: Starting Wazuh indexer installation.
Reading package lists... Building dependency tree... Reading state information... The following NEW packages will be installed: wazuh-indexer 0 upgraded, 1 newly installed, 0 to remove and 137 not upgraded. Need to get 0 B/759 MB of archives. After this operation, 1,050 MB of additional disk space will be used. NEEDRESTART-VER: 3.5 NEEDRESTART-KCUR: 5.15.0-91-generic NEEDRESTART-KEXP: 5.15.0-91-generic NEEDRESTART-KSTA: 1 NEEDRESTART-SVC: filebeat.service
26/07/2024 12:53:36 DEBUG: Checking Wazuh installation.
26/07/2024 12:53:36 DEBUG: There are Wazuh indexer remaining files.
26/07/2024 12:53:37 INFO: Wazuh indexer installation finished.
26/07/2024 12:53:37 DEBUG: Configuring Wazuh indexer.
26/07/2024 12:53:37 DEBUG: Copying Wazuh indexer certificates.
26/07/2024 12:53:37 INFO: Wazuh indexer post-install configuration finished.
26/07/2024 12:53:37 INFO: Starting service wazuh-indexer.
Created symlink /etc/systemd/system/multi-user.target.wants/wazuh-indexer.service → /lib/systemd/system/wazuh-indexer.service.
26/07/2024 12:53:48 INFO: wazuh-indexer service started.
26/07/2024 12:53:48 INFO: Initializing Wazuh indexer cluster security settings.
**************************************************************************
** This tool will be deprecated in the next major release of OpenSearch **
** https://github.com/opensearch-project/security/issues/1755           **
**************************************************************************
Security Admin v7
Will connect to 127.0.0.1:9200 ... done
Connected as "CN=admin,OU=Wazuh,O=Wazuh,L=California,C=US"
OpenSearch Version: 2.10.0
Contacting opensearch cluster 'opensearch' and wait for YELLOW clusterstate ...
Clustername: wazuh-cluster
Clusterstate: GREEN
Number of nodes: 1
Number of data nodes: 1
.opendistro_security index does not exists, attempt to create it ... done (0-all replicas)
Populate config from /etc/wazuh-indexer/opensearch-security/
Will update '/config' with /etc/wazuh-indexer/opensearch-security/config.yml
   SUCC: Configuration for 'config' created or updated
Will update '/roles' with /etc/wazuh-indexer/opensearch-security/roles.yml
   SUCC: Configuration for 'roles' created or updated
Will update '/rolesmapping' with /etc/wazuh-indexer/opensearch-security/roles_mapping.yml
   SUCC: Configuration for 'rolesmapping' created or updated
Will update '/internalusers' with /etc/wazuh-indexer/opensearch-security/internal_users.yml
   SUCC: Configuration for 'internalusers' created or updated
Will update '/actiongroups' with /etc/wazuh-indexer/opensearch-security/action_groups.yml
   SUCC: Configuration for 'actiongroups' created or updated
Will update '/tenants' with /etc/wazuh-indexer/opensearch-security/tenants.yml
   SUCC: Configuration for 'tenants' created or updated
Will update '/nodesdn' with /etc/wazuh-indexer/opensearch-security/nodes_dn.yml
   SUCC: Configuration for 'nodesdn' created or updated
Will update '/whitelist' with /etc/wazuh-indexer/opensearch-security/whitelist.yml
   SUCC: Configuration for 'whitelist' created or updated
Will update '/audit' with /etc/wazuh-indexer/opensearch-security/audit.yml
   SUCC: Configuration for 'audit' created or updated
Will update '/allowlist' with /etc/wazuh-indexer/opensearch-security/allowlist.yml
   SUCC: Configuration for 'allowlist' created or updated
SUCC: Expected 10 config types for node {"updated_config_types":["allowlist","tenants","rolesmapping","nodesdn","audit","roles","whitelist","internalusers","actiongroups","config"],"updated_config_size":10,"message":null} is 10 (["allowlist","tenants","rolesmapping","nodesdn","audit","roles","whitelist","internalusers","actiongroups","config"]) due to: null
Done with success
26/07/2024 12:53:59 INFO: Wazuh indexer cluster security configuration initialized.
26/07/2024 12:53:59 INFO: Wazuh indexer cluster initialized.
26/07/2024 12:54:00 INFO: --- Wazuh server ---
26/07/2024 12:54:00 INFO: Starting the Wazuh manager installation.
Reading package lists... Building dependency tree... Reading state information... Suggested packages: expect The following NEW packages will be installed: wazuh-manager 0 upgraded, 1 newly installed, 0 to remove and 138 not upgraded. Need to get 0 B/317 MB of archives. After this operation, 918 MB of additional NEEDRESTART-VER: 3.5 NEEDRESTART-KCUR: 5.15.0-91-generic NEEDRESTART-KEXP: 5.15.0-91-generic NEEDRESTART-KSTA: 1 NEEDRESTART-SVC: filebeat.service
26/07/2024 12:55:15 DEBUG: Checking Wazuh installation.
26/07/2024 12:55:15 DEBUG: There are Wazuh remaining files.
26/07/2024 12:55:16 DEBUG: There are Wazuh indexer remaining files.
26/07/2024 12:55:16 INFO: Wazuh manager installation finished.
26/07/2024 12:55:16 DEBUG: Configuring Wazuh manager.
26/07/2024 12:55:16 DEBUG: Setting provisional Wazuh indexer password.
26/07/2024 12:55:16 INFO: Wazuh manager vulnerability detection configuration finished.
26/07/2024 12:55:16 INFO: Starting service wazuh-manager.
Created symlink /etc/systemd/system/multi-user.target.wants/wazuh-manager.service → /lib/systemd/system/wazuh-manager.service.
26/07/2024 12:55:33 INFO: wazuh-manager service started.
26/07/2024 12:55:33 INFO: Checking Wazuh API connection
26/07/2024 12:55:37 DEBUG: wazuh-clusterd not running...
wazuh-modulesd is running...
wazuh-monitord is running...
wazuh-logcollector is running...
wazuh-remoted is running...
wazuh-syscheckd is running...
wazuh-analysisd is running...
wazuh-maild not running...
wazuh-execd is running...
wazuh-db is running...
wazuh-authd is running...
wazuh-agentlessd not running...
wazuh-integratord not running...
wazuh-dbd not running...
wazuh-csyslogd not running...
wazuh-apid is running...
26/07/2024 12:55:37 INFO: Wazuh API connection successful
26/07/2024 12:55:37 INFO: Starting Filebeat installation.
Reading package lists... Building dependency tree... Reading state information... The following NEW packages will be installed: filebeat 0 upgraded, 1 newly installed, 0 to remove and 139 not upgraded. Need to get 0 B/22.1 MB of archives. After this operation, 73.6 MB of additional disk space will be used. Sele NEEDRESTART-VER: 3.5 NEEDRESTART-KCUR: 5.15.0-91-generic NEEDRESTART-KEXP: 5.15.0-91-generic NEEDRESTART-KSTA: 1 NEEDRESTART-SVC: filebeat.service
26/07/2024 12:55:42 DEBUG: Checking Wazuh installation.
26/07/2024 12:55:43 DEBUG: There are Wazuh remaining files.
26/07/2024 12:55:43 DEBUG: There are Wazuh indexer remaining files.
26/07/2024 12:55:44 DEBUG: There are Filebeat remaining files.
26/07/2024 12:55:44 INFO: Filebeat installation finished.
26/07/2024 12:55:44 DEBUG: Configuring Filebeat.
26/07/2024 12:55:45 DEBUG: Filebeat template was download successfully.
wazuh/
wazuh/_meta/
wazuh/_meta/docs.asciidoc
wazuh/_meta/fields.yml
wazuh/_meta/config.yml
wazuh/alerts/
wazuh/alerts/config/
wazuh/alerts/config/alerts.yml
wazuh/alerts/manifest.yml
wazuh/alerts/ingest/
wazuh/alerts/ingest/pipeline.json
wazuh/module.yml
wazuh/archives/
wazuh/archives/config/
wazuh/archives/config/archives.yml
wazuh/archives/manifest.yml
wazuh/archives/ingest/
wazuh/archives/ingest/pipeline.json
26/07/2024 12:55:47 DEBUG: Filebeat module was downloaded successfully.
26/07/2024 12:55:47 DEBUG: Copying Filebeat certificates.
Created filebeat keystore
Successfully updated the keystore
Successfully updated the keystore
26/07/2024 12:55:47 INFO: Filebeat post-install configuration finished.
26/07/2024 12:55:47 INFO: Starting service filebeat.
Synchronizing state of filebeat.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install enable filebeat
Created symlink /etc/systemd/system/multi-user.target.wants/filebeat.service → /lib/systemd/system/filebeat.service.
26/07/2024 12:55:48 INFO: filebeat service started.
26/07/2024 12:55:48 INFO: Checking Filebeat connection
26/07/2024 12:55:49 INFO: Filebeat connection successful
26/07/2024 12:55:49 DEBUG: Full output of Filebeatt test:
26/07/2024 12:55:49 DEBUG: elasticsearch: https://127.0.0.1:9200...
  parse url... OK
  connection...
    parse host... OK
    dns lookup... OK
    addresses: 127.0.0.1
    dial up... OK
  TLS...
    security: server's certificate chain verification is enabled
    handshake... OK
    TLS version: TLSv1.2
    dial up... OK
  talk to server... OK
  version: 7.10.2
26/07/2024 12:55:49 INFO: --- Wazuh dashboard ---
26/07/2024 12:55:49 INFO: Starting Wazuh dashboard installation.
Reading package lists... Building dependency tree... Reading state information... The following NEW packages will be installed: wazuh-dashboard 0 upgraded, 1 newly installed, 0 to remove and 139 not upgraded. Need to get 0 B/186 MB of archives. After this operation, 998 MB of additional disk space will be used. NEEDRESTART-VER: 3.5 NEEDRESTART-KCUR: 5.15.0-91-generic NEEDRESTART-KEXP: 5.15.0-91-generic NEEDRESTART-KSTA: 1 NEEDRESTART-SVC: filebeat.service
26/07/2024 12:57:43 DEBUG: Checking Wazuh installation.
26/07/2024 12:57:44 DEBUG: There are Wazuh remaining files.
26/07/2024 12:57:44 DEBUG: There are Wazuh indexer remaining files.
26/07/2024 12:57:44 DEBUG: There are Filebeat remaining files.
26/07/2024 12:57:44 DEBUG: There are Wazuh dashboard remaining files.
26/07/2024 12:57:44 INFO: Wazuh dashboard installation finished.
26/07/2024 12:57:44 DEBUG: Configuring Wazuh dashboard.
26/07/2024 12:57:44 DEBUG: Copying Wazuh dashboard certificates.
26/07/2024 12:57:44 DEBUG: Wazuh dashboard certificate setup finished.
26/07/2024 12:57:44 INFO: Wazuh dashboard post-install configuration finished.
26/07/2024 12:57:44 INFO: Starting service wazuh-dashboard.
Created symlink /etc/systemd/system/multi-user.target.wants/wazuh-dashboard.service → /etc/systemd/system/wazuh-dashboard.service.
26/07/2024 12:57:45 INFO: wazuh-dashboard service started.
26/07/2024 12:57:45 DEBUG: Setting Wazuh indexer cluster passwords.
26/07/2024 12:57:45 DEBUG: Checking Wazuh installation.
26/07/2024 12:57:45 DEBUG: There are Wazuh remaining files.
26/07/2024 12:57:46 DEBUG: There are Wazuh indexer remaining files.
26/07/2024 12:57:46 DEBUG: There are Filebeat remaining files.
26/07/2024 12:57:46 DEBUG: There are Wazuh dashboard remaining files.
26/07/2024 12:57:46 INFO: Updating the internal users.
26/07/2024 12:57:46 DEBUG: Creating password backup.
**************************************************************************
** This tool will be deprecated in the next major release of OpenSearch **
** https://github.com/opensearch-project/security/issues/1755           **
**************************************************************************
Security Admin v7
Will connect to 127.0.0.1:9200 ... done
Connected as "CN=admin,OU=Wazuh,O=Wazuh,L=California,C=US"
OpenSearch Version: 2.10.0
Contacting opensearch cluster 'opensearch' and wait for YELLOW clusterstate ...
Clustername: wazuh-cluster
Clusterstate: GREEN
Number of nodes: 1
Number of data nodes: 1
.opendistro_security index already exists, so we do not need to create one.
Will retrieve '/config' into /etc/wazuh-indexer/backup/config.yml
   SUCC: Configuration for 'config' stored in /etc/wazuh-indexer/backup/config.yml
Will retrieve '/roles' into /etc/wazuh-indexer/backup/roles.yml
   SUCC: Configuration for 'roles' stored in /etc/wazuh-indexer/backup/roles.yml
Will retrieve '/rolesmapping' into /etc/wazuh-indexer/backup/roles_mapping.yml
   SUCC: Configuration for 'rolesmapping' stored in /etc/wazuh-indexer/backup/roles_mapping.yml
Will retrieve '/internalusers' into /etc/wazuh-indexer/backup/internal_users.yml
   SUCC: Configuration for 'internalusers' stored in /etc/wazuh-indexer/backup/internal_users.yml
Will retrieve '/actiongroups' into /etc/wazuh-indexer/backup/action_groups.yml
   SUCC: Configuration for 'actiongroups' stored in /etc/wazuh-indexer/backup/action_groups.yml
Will retrieve '/tenants' into /etc/wazuh-indexer/backup/tenants.yml
   SUCC: Configuration for 'tenants' stored in /etc/wazuh-indexer/backup/tenants.yml
Will retrieve '/nodesdn' into /etc/wazuh-indexer/backup/nodes_dn.yml
   SUCC: Configuration for 'nodesdn' stored in /etc/wazuh-indexer/backup/nodes_dn.yml
Will retrieve '/whitelist' into /etc/wazuh-indexer/backup/whitelist.yml
   SUCC: Configuration for 'whitelist' stored in /etc/wazuh-indexer/backup/whitelist.yml
Will retrieve '/allowlist' into /etc/wazuh-indexer/backup/allowlist.yml
   SUCC: Configuration for 'allowlist' stored in /etc/wazuh-indexer/backup/allowlist.yml
Will retrieve '/audit' into /etc/wazuh-indexer/backup/audit.yml
   SUCC: Configuration for 'audit' stored in /etc/wazuh-indexer/backup/audit.yml
26/07/2024 12:57:50 DEBUG: Password backup created in /etc/wazuh-indexer/backup.
26/07/2024 12:57:50 INFO: A backup of the internal users has been saved in the /etc/wazuh-indexer/internalusers-backup folder.
26/07/2024 12:57:50 DEBUG: The internal users have been updated before changing the passwords.
26/07/2024 12:57:50 DEBUG: Generating password hashes.
26/07/2024 12:57:54 DEBUG: Password hashes generated.
26/07/2024 12:57:54 DEBUG: Creating password backup.
**************************************************************************
** This tool will be deprecated in the next major release of OpenSearch **
** https://github.com/opensearch-project/security/issues/1755           **
**************************************************************************
Security Admin v7
Will connect to 127.0.0.1:9200 ... done
Connected as "CN=admin,OU=Wazuh,O=Wazuh,L=California,C=US"
OpenSearch Version: 2.10.0
Contacting opensearch cluster 'opensearch' and wait for YELLOW clusterstate ...
Clustername: wazuh-cluster
Clusterstate: GREEN
Number of nodes: 1
Number of data nodes: 1
.opendistro_security index already exists, so we do not need to create one.
Will retrieve '/config' into /etc/wazuh-indexer/backup/config.yml
   SUCC: Configuration for 'config' stored in /etc/wazuh-indexer/backup/config.yml
Will retrieve '/roles' into /etc/wazuh-indexer/backup/roles.yml
   SUCC: Configuration for 'roles' stored in /etc/wazuh-indexer/backup/roles.yml
Will retrieve '/rolesmapping' into /etc/wazuh-indexer/backup/roles_mapping.yml
   SUCC: Configuration for 'rolesmapping' stored in /etc/wazuh-indexer/backup/roles_mapping.yml
Will retrieve '/internalusers' into /etc/wazuh-indexer/backup/internal_users.yml
   SUCC: Configuration for 'internalusers' stored in /etc/wazuh-indexer/backup/internal_users.yml
Will retrieve '/actiongroups' into /etc/wazuh-indexer/backup/action_groups.yml
   SUCC: Configuration for 'actiongroups' stored in /etc/wazuh-indexer/backup/action_groups.yml
Will retrieve '/tenants' into /etc/wazuh-indexer/backup/tenants.yml
   SUCC: Configuration for 'tenants' stored in /etc/wazuh-indexer/backup/tenants.yml
Will retrieve '/nodesdn' into /etc/wazuh-indexer/backup/nodes_dn.yml
   SUCC: Configuration for 'nodesdn' stored in /etc/wazuh-indexer/backup/nodes_dn.yml
Will retrieve '/whitelist' into /etc/wazuh-indexer/backup/whitelist.yml
   SUCC: Configuration for 'whitelist' stored in /etc/wazuh-indexer/backup/whitelist.yml
Will retrieve '/allowlist' into /etc/wazuh-indexer/backup/allowlist.yml
   SUCC: Configuration for 'allowlist' stored in /etc/wazuh-indexer/backup/allowlist.yml
Will retrieve '/audit' into /etc/wazuh-indexer/backup/audit.yml
   SUCC: Configuration for 'audit' stored in /etc/wazuh-indexer/backup/audit.yml
26/07/2024 12:57:55 DEBUG: Password backup created in /etc/wazuh-indexer/backup.
Successfully updated the keystore
26/07/2024 12:57:56 DEBUG: Restarting filebeat service...
26/07/2024 12:57:56 DEBUG: filebeat started.
26/07/2024 12:57:56 DEBUG: Restarting wazuh-manager service...
26/07/2024 12:58:11 DEBUG: wazuh-manager started.
26/07/2024 12:58:12 DEBUG: Restarting wazuh-dashboard service...
26/07/2024 12:58:12 DEBUG: wazuh-dashboard started.
26/07/2024 12:58:12 DEBUG: Running security admin tool.
26/07/2024 12:58:12 DEBUG: Loading new passwords changes.
**************************************************************************
** This tool will be deprecated in the next major release of OpenSearch **
** https://github.com/opensearch-project/security/issues/1755           **
**************************************************************************
Security Admin v7
Will connect to 127.0.0.1:9200 ... done
Connected as "CN=admin,OU=Wazuh,O=Wazuh,L=California,C=US"
OpenSearch Version: 2.10.0
Contacting opensearch cluster 'opensearch' and wait for YELLOW clusterstate ...
Clustername: wazuh-cluster
Clusterstate: GREEN
Number of nodes: 1
Number of data nodes: 1
.opendistro_security index already exists, so we do not need to create one.
Populate config from /root
Force type: internalusers
Will update '/internalusers' with /etc/wazuh-indexer/backup/internal_users.yml
   SUCC: Configuration for 'internalusers' created or updated
SUCC: Expected 1 config types for node {"updated_config_types":["internalusers"],"updated_config_size":1,"message":null} is 1 (["internalusers"]) due to: null
Done with success
26/07/2024 12:58:15 DEBUG: Passwords changed.
26/07/2024 12:58:15 DEBUG: Changing API passwords.
26/07/2024 12:58:22 INFO: Initializing Wazuh dashboard web application.
26/07/2024 12:58:22 INFO: Wazuh dashboard web application initialized.
26/07/2024 12:58:22 INFO: --- Summary ---
26/07/2024 12:58:22 INFO: You can access the web interface https://<wazuh-dashboard-ip>:443
    User: admin
    Password: wkSNFe*9U1Nnhe5OFrAQCKgV062qH7eR
26/07/2024 12:58:22 DEBUG: Restoring Wazuh repository.
26/07/2024 12:58:22 INFO: Installation finished.

@vcerenu vcerenu mentioned this issue Jul 26, 2024
Merged
@vcerenu vcerenu linked a pull request Jul 26, 2024 that will close this issue
Add a post-install validation for Wazuh manager and Filebeat in the WIA #3059
Merged
@wazuhci wazuhci moved this from In progress to Pending review in Release 4.10.0 Jul 29, 2024
@wazuhci wazuhci moved this from Pending review to Done in Release 4.10.0 Jul 30, 2024
@c-bordon c-bordon mentioned this issue Nov 7, 2024
Closed
1 task
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@vcerenu vcerenu

Labels
level/task Subtask issue type/enhancement Enhancement issue
Projects
Release 4.10.0
Status: Done
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

Add a post-install validation for Wazuh manager and Filebeat in the WIA wazuh/wazuh-packages
3 participants
@teddytpc1 @vcerenu @c-bordon