Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Fixed kibanaserver change password #3063

Merged
merged 1 commit into from
Jul 30, 2024
Merged

Fixed kibanaserver change password #3063

merged 1 commit into from
Jul 30, 2024

Conversation

c-bordon
Copy link
Member

Close #3056

Description

The user anomalyadmin is added to the indexer user list. This user is new for version 4.9.0, and its absence generated a problem in the configuration of the rest of the users with the security admin.

This is used to add double quotes to the hash of the internal-users file.

Logs example

Wazuh indexer installation

root@ubuntu-jammy:~# curl -sO https://packages-dev.wazuh.com/4.9/config.yml
root@ubuntu-jammy:~# vim config.yml 
root@ubuntu-jammy:~# cp /home/vagrant/wazuh-install.sh .
root@ubuntu-jammy:~# bash wazuh-install.sh --generate-config-files
30/07/2024 14:16:30 INFO: Starting Wazuh installation assistant. Wazuh version: 4.9.0
30/07/2024 14:16:30 INFO: Verbose logging redirected to /var/log/wazuh-install.log
30/07/2024 14:16:46 INFO: Verifying that your system meets the recommended minimum hardware requirements.
30/07/2024 14:16:49 INFO: --- Configuration files ---
30/07/2024 14:16:49 INFO: Generating configuration files.
30/07/2024 14:16:49 INFO: Generating the root certificate.
30/07/2024 14:16:50 INFO: Generating Admin certificates.
30/07/2024 14:16:50 INFO: Generating Wazuh indexer certificates.
30/07/2024 14:16:51 INFO: Generating Filebeat certificates.
30/07/2024 14:16:51 INFO: Generating Wazuh dashboard certificates.
30/07/2024 14:16:51 INFO: Created wazuh-install-files.tar. It contains the Wazuh cluster key, certificates, and passwords necessary for installation.
root@ubuntu-jammy:~# bash wazuh-install.sh --wazuh-indexer node-1
30/07/2024 14:16:54 INFO: Starting Wazuh installation assistant. Wazuh version: 4.9.0
30/07/2024 14:16:54 INFO: Verbose logging redirected to /var/log/wazuh-install.log
30/07/2024 14:16:58 INFO: Verifying that your system meets the recommended minimum hardware requirements.
30/07/2024 14:17:07 INFO: --- Dependencies ----
30/07/2024 14:17:07 INFO: Installing apt-transport-https.
30/07/2024 14:17:15 INFO: Wazuh development repository added.
30/07/2024 14:17:15 INFO: --- Wazuh indexer ---
30/07/2024 14:17:15 INFO: Starting Wazuh indexer installation.
30/07/2024 14:18:58 INFO: Wazuh indexer installation finished.
30/07/2024 14:18:58 INFO: Wazuh indexer post-install configuration finished.
30/07/2024 14:18:58 INFO: Starting service wazuh-indexer.
30/07/2024 14:19:08 INFO: wazuh-indexer service started.
30/07/2024 14:19:08 INFO: Initializing Wazuh indexer cluster security settings.
30/07/2024 14:19:09 INFO: Wazuh indexer cluster initialized.
30/07/2024 14:19:09 INFO: Installation finished.
root@ubuntu-jammy:~# bash wazuh-install.sh --start-cluster
30/07/2024 14:19:21 INFO: Starting Wazuh installation assistant. Wazuh version: 4.9.0
30/07/2024 14:19:21 INFO: Verbose logging redirected to /var/log/wazuh-install.log
30/07/2024 14:19:26 INFO: Verifying that your system meets the recommended minimum hardware requirements.
30/07/2024 14:19:32 INFO: Wazuh indexer cluster security configuration initialized.
30/07/2024 14:20:03 INFO: Updating the internal users.
30/07/2024 14:20:05 INFO: A backup of the internal users has been saved in the /etc/wazuh-indexer/internalusers-backup folder.
30/07/2024 14:20:11 INFO: Wazuh indexer cluster started.
root@ubuntu-jammy:~# tar -axf wazuh-install-files.tar wazuh-install-files/wazuh-passwords.txt -O | grep -P "\'admin\'" -A 1
  indexer_username: 'admin'
  indexer_password: 'C3bY0Ur35.*ZYPTIKoMQA9X*8jQHzGuk'
root@ubuntu-jammy:~# curl -k -u admin:C3bY0Ur35.*ZYPTIKoMQA9X*8jQHzGuk https://localhost:9200
{
  "name" : "node-1",
  "cluster_name" : "wazuh-indexer-cluster",
  "cluster_uuid" : "e98DoaqnTNyICnhC17blbA",
  "version" : {
    "number" : "7.10.2",
    "build_type" : "deb",
    "build_hash" : "2c952aba7735bee5f4b0bb9cfc821d68ffbdd636",
    "build_date" : "2024-07-19T16:32:15.451255Z",
    "build_snapshot" : false,
    "lucene_version" : "9.10.0",
    "minimum_wire_compatibility_version" : "7.10.0",
    "minimum_index_compatibility_version" : "7.0.0"
  },
  "tagline" : "The OpenSearch Project: https://opensearch.org/"
}

Wazuh server installation

root@ubuntu-jammy:~# bash wazuh-install.sh --wazuh-server wazuh-1
30/07/2024 14:20:48 INFO: Starting Wazuh installation assistant. Wazuh version: 4.9.0
30/07/2024 14:20:48 INFO: Verbose logging redirected to /var/log/wazuh-install.log
30/07/2024 14:20:52 INFO: Verifying that your system meets the recommended minimum hardware requirements.
30/07/2024 14:21:04 INFO: Wazuh development repository added.
30/07/2024 14:21:04 INFO: --- Wazuh server ---
30/07/2024 14:21:04 INFO: Starting the Wazuh manager installation.
30/07/2024 14:22:21 INFO: Wazuh manager installation finished.
30/07/2024 14:22:21 INFO: Wazuh manager vulnerability detection configuration finished.
30/07/2024 14:22:21 INFO: Starting service wazuh-manager.
30/07/2024 14:22:36 INFO: wazuh-manager service started.
30/07/2024 14:22:36 INFO: Starting Filebeat installation.
30/07/2024 14:23:03 INFO: Filebeat installation finished.
30/07/2024 14:23:07 INFO: Filebeat post-install configuration finished.
30/07/2024 14:23:09 INFO: The filebeat.yml file has been updated to use the Filebeat Keystore username and password.
30/07/2024 14:23:30 INFO: Starting service filebeat.
30/07/2024 14:23:31 INFO: filebeat service started.
30/07/2024 14:23:31 INFO: Installation finished.

Wazuh dashboard installation

root@ubuntu-jammy:~# bash wazuh-install.sh --wazuh-dashboard dashboard
30/07/2024 14:24:04 INFO: Starting Wazuh installation assistant. Wazuh version: 4.9.0
30/07/2024 14:24:04 INFO: Verbose logging redirected to /var/log/wazuh-install.log
30/07/2024 14:24:13 INFO: Verifying that your system meets the recommended minimum hardware requirements.
30/07/2024 14:24:17 INFO: Wazuh web interface port will be 443.
30/07/2024 14:24:22 INFO: --- Dependencies ----
30/07/2024 14:24:22 INFO: Installing debhelper.
30/07/2024 14:24:54 INFO: Wazuh development repository added.
30/07/2024 14:24:54 INFO: --- Wazuh dashboard ----
30/07/2024 14:24:54 INFO: Starting Wazuh dashboard installation.
30/07/2024 14:25:55 INFO: Wazuh dashboard installation finished.
30/07/2024 14:25:55 INFO: Wazuh dashboard post-install configuration finished.
30/07/2024 14:25:55 INFO: Starting service wazuh-dashboard.
30/07/2024 14:25:55 INFO: wazuh-dashboard service started.
30/07/2024 14:25:56 INFO: The filebeat.yml file has been updated to use the Filebeat Keystore username and password.
30/07/2024 14:26:30 INFO: Initializing Wazuh dashboard web application.
30/07/2024 14:26:31 INFO: Wazuh dashboard web application initialized.
30/07/2024 14:26:31 INFO: --- Summary ---
30/07/2024 14:26:31 INFO: You can access the web interface https://<wazuh-dashboard-ip>:443
    User: admin
    Password: C3bY0Ur35.*ZYPTIKoMQA9X*8jQHzGuk
30/07/2024 14:26:31 INFO: Installation finished.

Screenshot_20240730_112814

@c-bordon c-bordon linked an issue Jul 30, 2024 that may be closed by this pull request
Automated installer not setting the kibanaserver password correctly. #3056
Closed
@c-bordon c-bordon mentioned this pull request Jul 30, 2024
Closed
@teddytpc1 teddytpc1 linked an issue Jul 30, 2024 that may be closed by this pull request
Installation Assistant not changing wazuh-wui password on wazuh.yml file #3057
Closed
@teddytpc1 teddytpc1 merged commit a438b43 into 4.9.0 Jul 30, 2024
10 of 12 checks passed
@teddytpc1 teddytpc1 deleted the bug/3056-automated-installer-not-setting-the-kibanaserver-password-correctly branch July 30, 2024 15:53
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@teddytpc1 teddytpc1 teddytpc1 approved these changes

@vcerenu vcerenu vcerenu approved these changes

@CarlosALgit CarlosALgit CarlosALgit approved these changes

Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
4 participants
@c-bordon @teddytpc1 @vcerenu @CarlosALgit