Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Post publication live checks for 4.7.1 #4778

Closed
11 tasks done
davidjiglesias opened this issue Dec 19, 2023 · 5 comments
Closed
11 tasks done

Post publication live checks for 4.7.1 #4778

davidjiglesias opened this issue Dec 19, 2023 · 5 comments
Assignees
@Rebits @rauldpm @juliamagan
Labels
level/subtask Subtask issue request/operational type/maintenance

Comments

@davidjiglesias
Copy link
Member

davidjiglesias commented Dec 19, 2023
edited by juliamagan
Loading

Description

This issue attempts to ensure the publication process was correct, attempting checks and live tests for published packages and images.

Tasks
@davidjiglesias davidjiglesias mentioned this issue Dec 19, 2023
Closed
1 task
@wazuhci wazuhci moved this to Triage in Release 4.7.1 Dec 19, 2023
@juliamagan juliamagan self-assigned this Dec 19, 2023
@wazuhci wazuhci moved this from Triage to In progress in Release 4.7.1 Dec 19, 2023
@rauldpm rauldpm self-assigned this Dec 19, 2023
@rauldpm rauldpm mentioned this issue Dec 19, 2023
Closed
@rauldpm
Copy link
Member

rauldpm commented Dec 19, 2023
edited
Loading

Wazuh installation assistant check

root@ubuntu2204:/home/vagrant# curl -sO https://packages.wazuh.com/4.7/wazuh-install.sh && sudo bash ./wazuh-install.sh -a
20/12/2023 15:37:47 INFO: Starting Wazuh installation assistant. Wazuh version: 4.7.1
20/12/2023 15:37:47 INFO: Verbose logging redirected to /var/log/wazuh-install.log
20/12/2023 15:37:57 INFO: Wazuh web interface port will be 443.
20/12/2023 15:37:59 INFO: --- Dependencies ----
20/12/2023 15:37:59 INFO: Installing apt-transport-https.
20/12/2023 15:38:01 INFO: Wazuh repository added.
20/12/2023 15:38:01 INFO: --- Configuration files ---
20/12/2023 15:38:01 INFO: Generating configuration files.
20/12/2023 15:38:02 INFO: Created wazuh-install-files.tar. It contains the Wazuh cluster key, certificates, and passwords necessary for installation.
20/12/2023 15:38:02 INFO: --- Wazuh indexer ---
20/12/2023 15:38:02 INFO: Starting Wazuh indexer installation.
20/12/2023 15:38:45 INFO: Wazuh indexer installation finished.
20/12/2023 15:38:45 INFO: Wazuh indexer post-install configuration finished.
20/12/2023 15:38:45 INFO: Starting service wazuh-indexer.
20/12/2023 15:38:53 INFO: wazuh-indexer service started.
20/12/2023 15:38:53 INFO: Initializing Wazuh indexer cluster security settings.
20/12/2023 15:39:03 INFO: Wazuh indexer cluster initialized.
20/12/2023 15:39:03 INFO: --- Wazuh server ---
20/12/2023 15:39:03 INFO: Starting the Wazuh manager installation.
20/12/2023 15:39:29 INFO: Wazuh manager installation finished.
20/12/2023 15:39:29 INFO: Starting service wazuh-manager.
20/12/2023 15:39:44 INFO: wazuh-manager service started.
20/12/2023 15:39:44 INFO: Starting Filebeat installation.
20/12/2023 15:39:47 INFO: Filebeat installation finished.
20/12/2023 15:39:48 INFO: Filebeat post-install configuration finished.
20/12/2023 15:39:48 INFO: Starting service filebeat.
20/12/2023 15:39:49 INFO: filebeat service started.
20/12/2023 15:39:49 INFO: --- Wazuh dashboard ---
20/12/2023 15:39:49 INFO: Starting Wazuh dashboard installation.
20/12/2023 15:40:19 INFO: Wazuh dashboard installation finished.
20/12/2023 15:40:19 INFO: Wazuh dashboard post-install configuration finished.
20/12/2023 15:40:19 INFO: Starting service wazuh-dashboard.
20/12/2023 15:40:19 INFO: wazuh-dashboard service started.
20/12/2023 15:40:37 INFO: Initializing Wazuh dashboard web application.
20/12/2023 15:40:38 INFO: Wazuh dashboard web application initialized.
20/12/2023 15:40:38 INFO: --- Summary ---
20/12/2023 15:40:38 INFO: You can access the web interface https://<wazuh-dashboard-ip>:443
    User: admin
    Password: .EcE3Xr+X?P1?gqW1UJGGOXbLcWNQ4UR
20/12/2023 15:40:38 INFO: Installation finished.
root@ubuntu2204:/home/vagrant# /var/ossec/bin/wazuh-control info
WAZUH_VERSION="v4.7.1"
WAZUH_REVISION="40709"
WAZUH_TYPE="server"
root@ubuntu2204:/home/vagrant# cat /usr/share/wazuh-indexer/VERSION 
4.7.1
root@ubuntu2204:/home/vagrant# cat /usr/share/wazuh-dashboard/VERSION 
4.7.1

image

@juliamagan
Copy link
Member

juliamagan commented Dec 19, 2023
edited by damarisg
Loading

WPK upgrade test

Windows 🟢

  • Agent info:
    prev

  • Agent info (in manager):

root@test:/home/vagrant# /var/ossec/bin/agent_control -i 001

Wazuh agent_control. Agent information:
   Agent ID:   001
   Agent Name: WIN-JLGVA4CR4VI
   IP address: any
   Status:     Active

   Operating system:    Microsoft Windows Server 2019 Standard Evaluation
   Client version:      Wazuh v4.7.0
   Configuration hash:  ab73af41699f13fdd81903b5f23d8d00
   Shared file hash:    4a8724b20dee0124ff9656783c490c4e
   Last keep alive:     1703087395

   Syscheck last started at:  Wed Dec 20 15:48:59 2023
   Syscheck last ended at:    Wed Dec 20 15:49:11 2023
  • Agent update:
root@test:/home/vagrant# /var/ossec/bin/agent_upgrade -a 001

Upgrading...

Upgraded agents:
	Agent 001 upgraded: Wazuh v4.7.0 -> Wazuh v4.7.1

  • Agent info:
    upgrade

  • Agent info (in manager):

root@test:/home/vagrant# /var/ossec/bin/agent_control -i 001

Wazuh agent_control. Agent information:
   Agent ID:   001
   Agent Name: WIN-JLGVA4CR4VI
   IP address: any
   Status:     Active

   Operating system:    Microsoft Windows Server 2019 Standard Evaluation
   Client version:      Wazuh v4.7.1
   Configuration hash:  ab73af41699f13fdd81903b5f23d8d00
   Shared file hash:    4a8724b20dee0124ff9656783c490c4e
   Last keep alive:     1703087494

   Syscheck last started at:  Wed Dec 20 15:50:34 2023
   Syscheck last ended at:    Wed Dec 20 15:50:46 2023
  • Upgrade.log
2023-12-20 07:50:26Z - Sysnative Powershell will be used to access the registry.
2023-12-20 07:50:26Z - Current version: v4.7.0.
2023-12-20 07:50:26Z - Generating backup.
2023-12-20 07:50:26Z - Backing up Wazuh home files.
2023-12-20 07:50:28Z - Searching Wazuh-Agent cached MSI through the registry.
2023-12-20 07:50:29Z - Backing up Wazuh-Agent cached MSI: "C:\Windows\Installer\18d1a.msi".
2023-12-20 07:50:29Z - Trying to stop Wazuh service.
2023-12-20 07:50:32Z - Starting upgrade processs.
2023-12-20 07:50:33Z - Restarting Wazuh-Agent service.
2023-12-20 07:50:33Z - Installation finished.
2023-12-20 07:50:33Z - Process ID: 580.
2023-12-20 07:50:44Z - Reading status file: status='connected'.
2023-12-20 07:50:44Z - Upgrade finished successfully.
2023-12-20 07:50:44Z - New version: v4.7.1.
Linux 🟢

Agent info:

   [root@localhost vagrant]# /var/ossec/bin/wazuh-control info 🟢 
   WAZUH_VERSION="v4.7.0"
   WAZUH_REVISION="40704"
   WAZUH_TYPE="agent"

Agent info (in manager):

   [root@localhost vagrant]#  /var/ossec/bin/agent_control -i 001 🟢 

   Wazuh agent_control. Agent information:
      Agent ID:   001
      Agent Name: agente
      IP address: any
      Status:     Active
   
      Operating system:    Linux |agente |4.18.0-240.1.1.el8_3.x86_64 |#1 SMP Thu Nov 19 17:20:08 UTC 2020 |x86_64
      Client version:      Wazuh v4.7.0
      Configuration hash:  ab73af41699f13fdd81903b5f23d8d00
      Shared file hash:    4a8724b20dee0124ff9656783c490c4e
      Last keep alive:     1703088111
   
      Syscheck last started at:  Wed Dec 20 02:59:43 2023
      Syscheck last ended at:    Wed Dec 20 02:59:47 2023

Agent update: 🟢

   [root@localhost vagrant]# /var/ossec/bin/agent_upgrade -a 001
   
   Upgrading...
   
   
   Upgraded agents:
           Agent 001 upgraded: Wazuh v4.7.0 -> Wazuh v4.7.1

Agent info: 🟢

   [root@localhost vagrant]#  /var/ossec/bin/wazuh-control info
   WAZUH_VERSION="v4.7.1"
   WAZUH_REVISION="40709"
   WAZUH_TYPE="agent"

Agent info (in manager): 🟢

   [root@localhost vagrant]#  /var/ossec/bin/agent_control -i 001
   
   Wazuh agent_control. Agent information:
      Agent ID:   001
      Agent Name: agente
      IP address: any
      Status:     Active
   
      Operating system:    Linux |agente |4.18.0-240.1.1.el8_3.x86_64 |#1 SMP Thu Nov 19 17:20:08 UTC 2020 |x86_64
      Client version:      Wazuh v4.7.1
      Configuration hash:  ab73af41699f13fdd81903b5f23d8d00
      Shared file hash:    4a8724b20dee0124ff9656783c490c4e
      Last keep alive:     1703088424
   
      Syscheck last started at:  Wed Dec 20 03:04:32 2023
      Syscheck last ended at:    Wed Dec 20 03:04:38 2023

@rauldpm
Copy link
Member

rauldpm commented Dec 19, 2023
edited
Loading

WPK upgrade test - macOS

Wazuh manager 
[root@centos7 vagrant]# /var/ossec/bin/agent_control -i 001

Wazuh agent_control. Agent information:
   Agent ID:   001
   Agent Name: This-MacBook-Pro.local
   IP address: any
   Status:     Active

   Operating system:    Darwin |This-MacBook-Pro.local |16.7.0 |Darwin Kernel Version 16.7.0: Thu Jun 15 17:36:27 PDT 2017; root:xnu-3789.70.16~2/RELEASE_X86_64 |x86_64
   Client version:      Wazuh v4.7.0
   Configuration hash:  ab73af41699f13fdd81903b5f23d8d00
   Shared file hash:    4a8724b20dee0124ff9656783c490c4e
   Last keep alive:     1703087085

   Syscheck last started at:  Wed Dec 20 15:42:05 2023
   Syscheck last ended at:    Wed Dec 20 15:42:09 2023

[root@centos7 vagrant]# /var/ossec/bin/agent_upgrade -a 001

Upgrading...

Upgraded agents:
	Agent 001 upgraded: Wazuh v4.7.0 -> Wazuh v4.7.1

[root@centos7 vagrant]# /var/ossec/bin/agent_control -i 001

Wazuh agent_control. Agent information:
   Agent ID:   001
   Agent Name: This-MacBook-Pro.local
   IP address: any
   Status:     Active

   Operating system:    Darwin |This-MacBook-Pro.local |16.7.0 |Darwin Kernel Version 16.7.0: Thu Jun 15 17:36:27 PDT 2017; root:xnu-3789.70.16~2/RELEASE_X86_64 |x86_64
   Client version:      Wazuh v4.7.1
   Configuration hash:  ab73af41699f13fdd81903b5f23d8d00
   Shared file hash:    4a8724b20dee0124ff9656783c490c4e
   Last keep alive:     1703087182

   Syscheck last started at:  Wed Dec 20 15:45:43 2023
   Syscheck last ended at:    Wed Dec 20 15:45:46 2023
Wazuh agent 
h-3.2# curl -sO https://packages.wazuh.com/4.x/macos/wazuh-agent-4.7.0-1.intel64.pkg
sh-3.2# echo "WAZUH_MANAGER='192.168.56.4'" > /tmp/wazuh_envs && installer -pkg wazuh-agent-4.7.0-1.intel64.pkg -target /
installer: Package name is Wazuh Agent
installer: Installing at base path /
installer: The install was successful.
sh-3.2# /Library/Ossec/bin/wazuh-control start
Starting Wazuh v4.7.0...
Started wazuh-execd...
Started wazuh-agentd...
Started wazuh-syscheckd...
Started wazuh-logcollector...
Started wazuh-modulesd...
Completed.
sh-3.2# /Library/Ossec/bin/wazuh-control info
WAZUH_VERSION="v4.7.0"
WAZUH_REVISION="40704"
WAZUH_TYPE="agent"

sh-3.2# /Library/Ossec/bin/wazuh-control info
WAZUH_VERSION="v4.7.1"
WAZUH_REVISION="40709"
WAZUH_TYPE="agent"


sh-3.2# cat /Library/Ossec/logs/upgrade.log 
2023/12/20 07:45:36 - Generating Backup.
tar: Removing leading '/' from member names
a Library/Ossec/active-response
a Library/Ossec/active-response/bin
a Library/Ossec/active-response/bin/default-firewall-drop
a Library/Ossec/active-response/bin/disable-account
a Library/Ossec/active-response/bin/firewall-drop
a Library/Ossec/active-response/bin/firewalld-drop
a Library/Ossec/active-response/bin/host-deny
a Library/Ossec/active-response/bin/ip-customblock
a Library/Ossec/active-response/bin/ipfw
a Library/Ossec/active-response/bin/kaspersky
a Library/Ossec/active-response/bin/kaspersky.py
a Library/Ossec/active-response/bin/npf
a Library/Ossec/active-response/bin/pf
a Library/Ossec/active-response/bin/restart-wazuh
a Library/Ossec/active-response/bin/restart.sh
a Library/Ossec/active-response/bin/route-null
a Library/Ossec/active-response/bin/wazuh-slack
a Library/Ossec/bin
a Library/Ossec/bin/agent-auth
a Library/Ossec/bin/manage_agents
a Library/Ossec/bin/wazuh-agentd
a Library/Ossec/bin/wazuh-control
a Library/Ossec/bin/wazuh-execd
a Library/Ossec/bin/wazuh-logcollector
a Library/Ossec/bin/wazuh-modulesd
a Library/Ossec/bin/wazuh-syscheckd
a Library/Ossec/etc
a Library/Ossec/etc/client.keys
a Library/Ossec/etc/internal_options.conf
a Library/Ossec/etc/local_internal_options.conf
a Library/Ossec/etc/localtime
a Library/Ossec/etc/ossec.conf
a Library/Ossec/etc/shared
a Library/Ossec/etc/wpk_root.pem
a Library/Ossec/etc/shared/agent.conf
a Library/Ossec/etc/shared/ar.conf
a Library/Ossec/etc/shared/cis_apache2224_rcl.txt
a Library/Ossec/etc/shared/cis_debian_linux_rcl.txt
a Library/Ossec/etc/shared/cis_mysql5-6_community_rcl.txt
a Library/Ossec/etc/shared/cis_mysql5-6_enterprise_rcl.txt
a Library/Ossec/etc/shared/cis_rhel5_linux_rcl.txt
a Library/Ossec/etc/shared/cis_rhel6_linux_rcl.txt
a Library/Ossec/etc/shared/cis_rhel7_linux_rcl.txt
a Library/Ossec/etc/shared/cis_rhel_linux_rcl.txt
a Library/Ossec/etc/shared/cis_sles11_linux_rcl.txt
a Library/Ossec/etc/shared/cis_sles12_linux_rcl.txt
a Library/Ossec/etc/shared/cis_win2012r2_domainL1_rcl.txt
a Library/Ossec/etc/shared/cis_win2012r2_domainL2_rcl.txt
a Library/Ossec/etc/shared/cis_win2012r2_memberL1_rcl.txt
a Library/Ossec/etc/shared/cis_win2012r2_memberL2_rcl.txt
a Library/Ossec/etc/shared/merged.mg
a Library/Ossec/etc/shared/rootkit_files.txt
a Library/Ossec/etc/shared/rootkit_trojans.txt
a Library/Ossec/etc/shared/system_audit_rcl.txt
a Library/Ossec/etc/shared/system_audit_ssh.txt
a Library/Ossec/etc/shared/win_applications_rcl.txt
a Library/Ossec/etc/shared/win_audit_rcl.txt
a Library/Ossec/etc/shared/win_malware_rcl.txt
a Library/Ossec/lib
a Library/Ossec/lib/libdbsync.dylib
a Library/Ossec/lib/libfimdb.dylib
a Library/Ossec/lib/librsync.dylib
a Library/Ossec/lib/libsyscollector.dylib
a Library/Ossec/lib/libsysinfo.dylib
a Library/Ossec/lib/libwazuhext.dylib
a Library/Ossec/lib/libwazuhshared.dylib
a Library/Ossec/queue
a Library/Ossec/queue/alerts
a Library/Ossec/queue/fim
a Library/Ossec/queue/logcollector
a Library/Ossec/queue/rids
a Library/Ossec/queue/sockets
a Library/Ossec/queue/syscollector
a Library/Ossec/queue/syscollector/db
a Library/Ossec/queue/syscollector/norm_config.json
a Library/Ossec/queue/syscollector/db/local.db
a Library/Ossec/queue/syscollector/db/local.db-journal
a Library/Ossec/queue/sockets/.agent_info
a Library/Ossec/queue/sockets/com: tar format cannot archive socket
a Library/Ossec/queue/sockets/control: tar format cannot archive socket
a Library/Ossec/queue/sockets/logcollector: tar format cannot archive socket
a Library/Ossec/queue/sockets/queue: tar format cannot archive socket
a Library/Ossec/queue/sockets/syscheck: tar format cannot archive socket
a Library/Ossec/queue/sockets/upgrade: tar format cannot archive socket
a Library/Ossec/queue/sockets/wmodules: tar format cannot archive socket
a Library/Ossec/queue/rids/001
a Library/Ossec/queue/rids/sender_counter
a Library/Ossec/queue/fim/db
a Library/Ossec/queue/fim/db/fim.db
a Library/Ossec/queue/fim/db/fim.db-journal
a Library/Ossec/queue/alerts/cfgaq: tar format cannot archive socket
a Library/Ossec/queue/alerts/execq: tar format cannot archive socket
a Library/Ossec/ruleset
a Library/Ossec/ruleset/sca
a Library/Ossec/ruleset/sca/cis_apple_macOS_10.12.yml
a Library/Ossec/wodles
a Library/Ossec/wodles/__init__.py
a Library/Ossec/wodles/aws
a Library/Ossec/wodles/azure
a Library/Ossec/wodles/docker
a Library/Ossec/wodles/gcloud
a Library/Ossec/wodles/utils.py
a Library/Ossec/wodles/gcloud/buckets
a Library/Ossec/wodles/gcloud/exceptions.py
a Library/Ossec/wodles/gcloud/gcloud
a Library/Ossec/wodles/gcloud/integration.py
a Library/Ossec/wodles/gcloud/pubsub
a Library/Ossec/wodles/gcloud/tools.py
a Library/Ossec/wodles/gcloud/pubsub/subscriber.py
a Library/Ossec/wodles/gcloud/buckets/access_logs.py
a Library/Ossec/wodles/gcloud/buckets/bucket.py
a Library/Ossec/wodles/docker/DockerListener
a Library/Ossec/wodles/azure/azure-logs
a Library/Ossec/wodles/azure/orm.py
a Library/Ossec/wodles/aws/aws-s3
a Library/Ossec/agentless
a Library/Ossec/agentless/main.exp
a Library/Ossec/agentless/register_host.sh
a Library/Ossec/agentless/ssh.exp
a Library/Ossec/agentless/ssh_asa-fwsmconfig_diff
a Library/Ossec/agentless/ssh_foundry_diff
a Library/Ossec/agentless/ssh_generic_diff
a Library/Ossec/agentless/ssh_integrity_check_bsd
a Library/Ossec/agentless/ssh_integrity_check_linux
a Library/Ossec/agentless/ssh_nopass.exp
a Library/Ossec/agentless/ssh_pixconfig_diff
a Library/Ossec/agentless/sshlogin.exp
a Library/Ossec/agentless/su.exp
a Library/Ossec/logs/wazuh
a Library/Ossec/var/selinux
a Library/LaunchDaemons/com.wazuh.agent.plist
a Library/StartupItems/WAZUH
a Library/StartupItems/WAZUH/StartupParameters.plist
a Library/StartupItems/WAZUH/WAZUH
a Library/StartupItems/WAZUH/Wazuh-launcher
2023/12/20 07:45:36 - Backup generated in /Library/Ossec/backup/backup_[12-20-2023_07-45-36].tar.gz
2023/12/20 07:45:36 - Upgrade started.
installer: Package name is Wazuh Agent
installer: Upgrading at base path /
installer: The upgrade was successful.
2023/12/20 07:45:49 - Installation result = 0
2023/12/20 07:45:49 - Waiting connection... Remaining attempts: 30.
2023/12/20 07:45:50 - Status = connected. 
2023/12/20 07:45:50 - Connected to manager.
2023/12/20 07:45:50 - Upgrade finished successfully.

Notes: ⚠️

  • macOS ossec.log has been erased after the upgrade, this needs to be investigated -> Expected (happens in older versions)
  • After trying to upgrade the agent without the upgrade module started (after shared configuration restart), multiple errors have been observed (expected) but after the error messages, a restart occurs, this needs to be investigated

@wazuhci wazuhci moved this from In progress to On hold in Release 4.7.1 Dec 19, 2023
This was referenced Dec 20, 2023
Closed
Closed
@Rebits Rebits self-assigned this Dec 20, 2023
@wazuhci wazuhci moved this from On hold to In progress in Release 4.7.1 Dec 20, 2023
@Rebits
Copy link
Member

Rebits commented Dec 20, 2023
edited by pro-akim
Loading

WPK upgrade test - Linux 🟢

Agent Info 🟢 
root@ubuntu2:/home/vagrant# /var/ossec/bin/wazuh-control info
WAZUH_VERSION="v4.7.0"
WAZUH_REVISION="40704"
WAZUH_TYPE="agent"
Agent info in manager 🟢 
root@ubuntu22:/home/vagrant# /var/ossec/bin/agent_control -i 001

Wazuh agent_control. Agent information:
   Agent ID:   001
   Agent Name: ubuntu2
   IP address: any
   Status:     Active

   Operating system:    Linux |ubuntu2 |5.4.0-139-generic |#156-Ubuntu SMP Fri Jan 20 17:27:18 UTC 2023 |x86_64
   Client version:      Wazuh v4.7.0
   Configuration hash:  ab73af41699f13fdd81903b5f23d8d00
   Shared file hash:    4a8724b20dee0124ff9656783c490c4e
   Last keep alive:     1703088526

   Syscheck last started at:  Wed Dec 20 16:07:52 2023
   Syscheck last ended at:    Wed Dec 20 16:07:58 2023
Agent update 🟢 
root@ubuntu22:/home/vagrant# /var/ossec/bin/agent_upgrade -a 001

Upgrading...



Upgraded agents:
	Agent 001 upgraded: Wazuh v4.7.0 -> Wazuh v4.7.1
Agent info 🟢 
root@ubuntu2:/var/ossec# /var/ossec/bin/wazuh-control info
WAZUH_VERSION="v4.7.1"
WAZUH_REVISION="40709"
WAZUH_TYPE="agent"
Agent info in manager 🟢 
root@ubuntu22:/home/vagrant# /var/ossec/bin/agent_control -i 001

Wazuh agent_control. Agent information:
   Agent ID:   001
   Agent Name: ubuntu2
   IP address: any
   Status:     Active

   Operating system:    Linux |ubuntu2 |5.4.0-139-generic |#156-Ubuntu SMP Fri Jan 20 17:27:18 UTC 2023 |x86_64
   Client version:      Wazuh v4.7.1
   Configuration hash:  ab73af41699f13fdd81903b5f23d8d00
   Shared file hash:    4a8724b20dee0124ff9656783c490c4e
   Last keep alive:     1703088817

   Syscheck last started at:  Wed Dec 20 16:12:32 2023
   Syscheck last ended at:    Wed Dec 20 16:12:38 2023
upgrade.log 
2023/12/20 16:12:25 - Generating Backup.
tar: Removing leading `/' from member names
/var/ossec/active-response/
/var/ossec/active-response/bin/
/var/ossec/active-response/bin/host-deny
tar: Removing leading `/' from hard link targets
/var/ossec/active-response/bin/disable-account
/var/ossec/active-response/bin/restart-wazuh
/var/ossec/active-response/bin/firewalld-drop
/var/ossec/active-response/bin/route-null
/var/ossec/active-response/bin/wazuh-slack
/var/ossec/active-response/bin/default-firewall-drop
/var/ossec/active-response/bin/firewall-drop
/var/ossec/active-response/bin/pf
/var/ossec/active-response/bin/kaspersky.py
/var/ossec/active-response/bin/npf
/var/ossec/active-response/bin/kaspersky
/var/ossec/active-response/bin/ipfw
/var/ossec/active-response/bin/restart.sh
/var/ossec/active-response/bin/ip-customblock
/var/ossec/bin/
/var/ossec/bin/manage_agents
/var/ossec/bin/wazuh-syscheckd
/var/ossec/bin/wazuh-execd
/var/ossec/bin/wazuh-agentd
/var/ossec/bin/wazuh-modulesd
/var/ossec/bin/agent-auth
/var/ossec/bin/wazuh-logcollector
/var/ossec/bin/wazuh-control
/var/ossec/etc/
/var/ossec/etc/shared/
/var/ossec/etc/shared/cis_win2012r2_domainL2_rcl.txt
/var/ossec/etc/shared/rootkit_files.txt
/var/ossec/etc/shared/win_applications_rcl.txt
/var/ossec/etc/shared/cis_win2012r2_domainL1_rcl.txt
/var/ossec/etc/shared/merged.mg
/var/ossec/etc/shared/rootkit_trojans.txt
/var/ossec/etc/shared/win_audit_rcl.txt
/var/ossec/etc/shared/cis_sles12_linux_rcl.txt
/var/ossec/etc/shared/cis_win2012r2_memberL2_rcl.txt
/var/ossec/etc/shared/cis_debian_linux_rcl.txt
/var/ossec/etc/shared/system_audit_ssh.txt
/var/ossec/etc/shared/cis_rhel6_linux_rcl.txt
/var/ossec/etc/shared/cis_mysql5-6_enterprise_rcl.txt
/var/ossec/etc/shared/cis_mysql5-6_community_rcl.txt
/var/ossec/etc/shared/cis_rhel5_linux_rcl.txt
/var/ossec/etc/shared/cis_rhel7_linux_rcl.txt
/var/ossec/etc/shared/cis_sles11_linux_rcl.txt
/var/ossec/etc/shared/cis_rhel_linux_rcl.txt
/var/ossec/etc/shared/win_malware_rcl.txt
/var/ossec/etc/shared/ar.conf
/var/ossec/etc/shared/system_audit_rcl.txt
/var/ossec/etc/shared/agent.conf
/var/ossec/etc/shared/cis_apache2224_rcl.txt
/var/ossec/etc/shared/cis_win2012r2_memberL1_rcl.txt
/var/ossec/etc/internal_options.conf
/var/ossec/etc/wpk_root.pem
/var/ossec/etc/localtime
/var/ossec/etc/ossec.conf.save
/var/ossec/etc/client.keys
/var/ossec/etc/local_internal_options.conf
/var/ossec/etc/ossec.conf
/var/ossec/etc/client.keys.save
/var/ossec/etc/local_internal_options.conf.save
/var/ossec/lib/
/var/ossec/lib/libsysinfo.so
/var/ossec/lib/libwazuhext.so
/var/ossec/lib/libdbsync.so
/var/ossec/lib/librsync.so
/var/ossec/lib/libgcc_s.so.1
/var/ossec/lib/libstdc++.so.6
/var/ossec/lib/libwazuhshared.so
/var/ossec/lib/libfimdb.so
/var/ossec/lib/libsyscollector.so
/var/ossec/queue/
/var/ossec/queue/rids/
/var/ossec/queue/rids/sender_counter
/var/ossec/queue/rids/001
/var/ossec/queue/alerts/
tar: /var/ossec/queue/alerts/cfgaq: socket ignored
tar: /var/ossec/queue/alerts/execq: socket ignored
/var/ossec/queue/logcollector/
/var/ossec/queue/logcollector/file_status.json
/var/ossec/queue/sockets/
/var/ossec/queue/sockets/.agent_info
tar: /var/ossec/queue/sockets/wmodules: socket ignored
tar: /var/ossec/queue/sockets/queue: socket ignored
tar: /var/ossec/queue/sockets/com: socket ignored
tar: /var/ossec/queue/sockets/syscheck: socket ignored
tar: /var/ossec/queue/sockets/logcollector: socket ignored
tar: /var/ossec/queue/sockets/control: socket ignored
tar: /var/ossec/queue/sockets/upgrade: socket ignored
/var/ossec/queue/fim/
/var/ossec/queue/fim/db/
/var/ossec/queue/fim/db/fim.db-journal
/var/ossec/queue/fim/db/fim.db
/var/ossec/queue/syscollector/
/var/ossec/queue/syscollector/db/
/var/ossec/queue/syscollector/db/local.db
/var/ossec/queue/syscollector/db/local.db-journal
/var/ossec/queue/syscollector/norm_config.json
/var/ossec/ruleset/
/var/ossec/ruleset/sca/
/var/ossec/ruleset/sca/cis_ubuntu20-04.yml
/var/ossec/wodles/
/var/ossec/wodles/gcloud/
/var/ossec/wodles/gcloud/gcloud
/var/ossec/wodles/gcloud/tools.py
/var/ossec/wodles/gcloud/exceptions.py
/var/ossec/wodles/gcloud/buckets/
/var/ossec/wodles/gcloud/buckets/bucket.py
/var/ossec/wodles/gcloud/buckets/access_logs.py
/var/ossec/wodles/gcloud/integration.py
/var/ossec/wodles/gcloud/pubsub/
/var/ossec/wodles/gcloud/pubsub/subscriber.py
/var/ossec/wodles/docker/
/var/ossec/wodles/docker/DockerListener
/var/ossec/wodles/__init__.py
/var/ossec/wodles/aws/
/var/ossec/wodles/aws/aws-s3
/var/ossec/wodles/utils.py
/var/ossec/wodles/azure/
/var/ossec/wodles/azure/orm.py
/var/ossec/wodles/azure/azure-logs
/var/ossec/agentless/
/var/ossec/agentless/sshlogin.exp
/var/ossec/agentless/ssh_pixconfig_diff
/var/ossec/agentless/register_host.sh
/var/ossec/agentless/ssh_integrity_check_bsd
/var/ossec/agentless/ssh_generic_diff
/var/ossec/agentless/ssh_integrity_check_linux
/var/ossec/agentless/ssh.exp
/var/ossec/agentless/ssh_nopass.exp
/var/ossec/agentless/su.exp
/var/ossec/agentless/ssh_asa-fwsmconfig_diff
/var/ossec/agentless/ssh_foundry_diff
/var/ossec/agentless/main.exp
/var/ossec/logs/wazuh/
/var/ossec/var/selinux/
/var/ossec/var/selinux/wazuh.pp
/usr/lib/systemd/system/wazuh-agent.service
2023/12/20 16:12:26 - Backup generated in /var/ossec/backup/backup_[12-20-2023_16-12-25].tar.gz
2023/12/20 16:12:26 - Upgrade started.

 Wazuh v4.7.1 (Rev. 40709) Installation Script - https://www.wazuh.com

 You are about to start the installation process of Wazuh.
 You must have a C compiler pre-installed in your system.

  - System: Linux ubuntu2 5.4.0-139-generic (ubuntu 20.04)
  - User: root
  - Host: ubuntu2


  -- Press ENTER to continue or Ctrl-C to abort. --

 - You already have Wazuh installed. Do you want to update it? (y/n): 
    - Installation will be made at  /var/ossec .

4- Installing the system

DIR="/var/ossec"
 - Running the Makefile

Stopping Wazuh...
agent
Wait for success...
success
Removing old SCA policies...
Installing SCA policies...


Wait for success...
success
Starting Wazuh...

 - Configuration finished properly.

 - To start Wazuh:
      /var/ossec/bin/wazuh-control start

 - To stop Wazuh:
      /var/ossec/bin/wazuh-control stop

 - The configuration can be viewed or modified at /var/ossec/etc/ossec.conf


   Thanks for using Wazuh.
   Please don't hesitate to contact us if you need help or find
   any bugs.

   Use our public Mailing List at:
          https://groups.google.com/forum/#!forum/wazuh

   More information can be found at:
          - http://www.wazuh.com

    ---  Press ENTER to finish (maybe more information below). ---

 - Update completed.

2023/12/20 16:12:37 - Installation result = 0
2023/12/20 16:12:37 - Waiting connection... Remaining attempts: 30.
2023/12/20 16:12:38 - Status = connected. 
2023/12/20 16:12:38 - Connected to manager.
2023/12/20 16:12:38 - Upgrade finished successfully.

@wazuhci wazuhci moved this from In progress to Pending review in Release 4.7.1 Dec 20, 2023
@wazuhci wazuhci moved this from Pending review to In review in Release 4.7.1 Dec 20, 2023
@pro-akim
Copy link
Member

Review Notes

LGTM

@wazuhci wazuhci moved this from In review to Pending final review in Release 4.7.1 Dec 20, 2023
@github-project-automation github-project-automation bot moved this from Pending final review to Done in Release 4.7.1 Dec 20, 2023
@rauldpm rauldpm mentioned this issue Dec 22, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@Rebits Rebits

@rauldpm rauldpm

@juliamagan juliamagan

Labels
level/subtask Subtask issue request/operational type/maintenance
Projects
No open projects
Release 4.7.1
Status: Done
Milestone
No milestone
Development

No branches or pull requests
5 participants
@Rebits @rauldpm @davidjiglesias @juliamagan @pro-akim