Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Cannot deploy playbooks using ansible on a Mac #1115

Closed
dmaasland opened this issue Nov 8, 2023 · 13 comments · Fixed by #1325 or wazuh/wazuh-documentation#7485
Closed

Cannot deploy playbooks using ansible on a Mac #1115

dmaasland opened this issue Nov 8, 2023 · 13 comments · Fixed by #1325 or wazuh/wazuh-documentation#7485
Assignees
@c-bordon
Labels
level/task Subtask issue reporter/community Issue reported by the community type/bug

Comments

@dmaasland
Copy link

Hello,

It seems that deploying of playbooks does not work when running Ansible on a Mac. Something weird happens during the certificate generation where node certificates aren't created. I've narrowed this down to the Mac version of awk not playing nice with the commands in the wazuh-certs-generator.sh script. It'll give warnings like this when run manually:

awk: syntax error at source line 7
 context is
        , >>>  indent+) <<<  "  ";
awk: illegal statement at source line 7
awk: illegal statement at source line 7
sed: 2: "s|^[[:space:]]*#.*||;s| ...": undefined label '1;t;:1;s|^[[:space:]]*$||;t2;p;:2;d'
sed: 2: "s|^\([[:space:]]*\)-[[: ...": unused label '1;s|^\([[:space:]]*\)\([a-zA-Z0-9_]*\)[[:space:]]*:[[:space:]]*\(&[a-zA-Z0-9_]*\)\?[[:space:]]*\[[[:space:]]*\(.*\)[[:space:]]*,[[:space:]]*\(.*\)[[:space:]]*\]|\1\2: \3[\4]\n\1  - \5|;t1'
sed: 2: "s|^\([[:space:]]*\)-[[: ...": unused label '2;s|^\([[:space:]]*\)-[[:space:]]*\[[[:space:]]*\(.*\)[[:space:]]*,[[:space:]]*\(.*\)[[:space:]]*\]|\1- [\2]\n\1  - \3|;t2'
sed: 2: "s|^\([[:space:]]*\)\([a ...": unused label '1;s|^\([[:space:]]*\)-[[:space:]]*{[[:space:]]*\(.*\)[[:space:]]*,[[:space:]]*\([a-zA-Z0-9_]*\)[[:space:]]*:[[:space:]]*\(.*\)[[:space:]]*}|\1- {\2}\n\1  \3: \4|;t1'
sed: 2: "s|^\([[:space:]]*\)\([a ...": unused label '2;s|^\([[:space:]]*\)\([a-zA-Z0-9_]*\)[[:space:]]*:[[:space:]]*\(&[a-zA-Z0-9_]*\)\?[[:space:]]*{[[:space:]]*\(.*\)[[:space:]]*,[[:space:]]*\([a-zA-Z0-9_]*\)[[:space:]]*:[[:space:]]*\(.*\)[[:space:]]*}|\1\2: \3 {\4}\n\1  \5: \6|;t2'
awk: syntax error at source line 7
 context is
        , >>>  indent+) <<<  "  ";
awk: illegal statement at source line 7
awk: illegal statement at source line 7
sed: 2: "s|^[[:space:]]*#.*||;s| ...": undefined label '1;t;:1;s|^[[:space:]]*$||;t2;p;:2;d'
sed: 2: "s|^\([[:space:]]*\)-[[: ...": unused label '1;s|^\([[:space:]]*\)\([a-zA-Z0-9_]*\)[[:space:]]*:[[:space:]]*\(&[a-zA-Z0-9_]*\)\?[[:space:]]*\[[[:space:]]*\(.*\)[[:space:]]*,[[:space:]]*\(.*\)[[:space:]]*\]|\1\2: \3[\4]\n\1  - \5|;t1'
sed: 2: "s|^\([[:space:]]*\)-[[: ...": unused label '2;s|^\([[:space:]]*\)-[[:space:]]*\[[[:space:]]*\(.*\)[[:space:]]*,[[:space:]]*\(.*\)[[:space:]]*\]|\1- [\2]\n\1  - \3|;t2'
sed: 2: "s|^\([[:space:]]*\)\([a ...": unused label '1;s|^\([[:space:]]*\)-[[:space:]]*{[[:space:]]*\(.*\)[[:space:]]*,[[:space:]]*\([a-zA-Z0-9_]*\)[[:space:]]*:[[:space:]]*\(.*\)[[:space:]]*}|\1- {\2}\n\1  \3: \4|;t1'
sed: 2: "s|^\([[:space:]]*\)\([a ...": unused label '2;s|^\([[:space:]]*\)\([a-zA-Z0-9_]*\)[[:space:]]*:[[:space:]]*\(&[a-zA-Z0-9_]*\)\?[[:space:]]*{[[:space:]]*\(.*\)[[:space:]]*,[[:space:]]*\([a-zA-Z0-9_]*\)[[:space:]]*:[[:space:]]*\(.*\)[[:space:]]*}|\1\2: \3 {\4}\n\1  \5: \6|;t2'

Ansible won't show you this though so it just seems to fail. Running the same command in an ubuntu docker works fine.
@vikman90 vikman90 added reporter/community Issue reported by the community type/bug level/task Subtask issue labels Nov 15, 2023
@vikman90
Copy link
Member

Assigning this issue to @wazuh/cicd.

@mrjson79
Copy link

watching this - have the same issue on mac. Trying to install 4.7.2.

@c-bordon c-bordon mentioned this issue May 22, 2024
Closed
@c-bordon c-bordon self-assigned this Jun 27, 2024
@c-bordon
Copy link
Member

Update report

After resolving that the alternative for using the Wazuh certificates tool for macOS and Windows systems is to use the tool through docker: wazuh/wazuh-packages#1660

An adaptation is made so that when the playbooks are run on a macOS host with Ansible, the creation of the certificates is generated using the dockerized image.

Some tests are carried out in a simulated environment (performed on a Linux machine, limiting the execution of tasks according to the system)

Test in linux:

TASK [../roles/wazuh/wazuh-indexer : Check if certificates already exists] *****************************************************************************************************************************************************************
ok: [192.168.57.46 -> localhost]

TASK [../roles/wazuh/wazuh-indexer : Local action | Create local temporary directory for certificates generation] **************************************************************************************************************************
skipping: [192.168.57.46]

TASK [../roles/wazuh/wazuh-indexer : Local action | Check that the generation tool exists] *************************************************************************************************************************************************
skipping: [192.168.57.46]

TASK [../roles/wazuh/wazuh-indexer : Local action | Download certificates generation tool] *************************************************************************************************************************************************
skipping: [192.168.57.46]

TASK [../roles/wazuh/wazuh-indexer : Local action | Prepare the certificates generation template file] *************************************************************************************************************************************
skipping: [192.168.57.46]

TASK [../roles/wazuh/wazuh-indexer : Local action | Generate the node & admin certificates in local] ***************************************************************************************************************************************
skipping: [192.168.57.46]

TASK [../roles/wazuh/wazuh-indexer : Local action | Check for Docker installation on macOS] ************************************************************************************************************************************************
skipping: [192.168.57.46]

TASK [../roles/wazuh/wazuh-indexer : Local action | Fail if Docker is not installed] *******************************************************************************************************************************************************
skipping: [192.168.57.46]

TASK [../roles/wazuh/wazuh-indexer : Local action | Run Docker container on macOS] *********************************************************************************************************************************************************
skipping: [192.168.57.46]

TASK [../roles/wazuh/wazuh-indexer : Local action | Remove Docker image after execution] ***************************************************************************************************************************************************
skipping: [192.168.57.46]

TASK [../roles/wazuh/wazuh-indexer : RedHat/CentOS/Fedora | Add Wazuh indexer repo] ********************************************************************************************************************************************************
skipping: [192.168.57.46]

Test in simulated macOS:

TASK [../roles/wazuh/wazuh-indexer : Check if certificates already exists] *****************************************************************************************************************************************************************
ok: [192.168.57.46 -> localhost]

TASK [../roles/wazuh/wazuh-indexer : Local action | Create local temporary directory for certificates generation] **************************************************************************************************************************
changed: [192.168.57.46 -> localhost]

TASK [../roles/wazuh/wazuh-indexer : Local action | Check that the generation tool exists] *************************************************************************************************************************************************
skipping: [192.168.57.46]

TASK [../roles/wazuh/wazuh-indexer : Local action | Download certificates generation tool] *************************************************************************************************************************************************
skipping: [192.168.57.46]

TASK [../roles/wazuh/wazuh-indexer : Local action | Prepare the certificates generation template file] *************************************************************************************************************************************
changed: [192.168.57.46 -> localhost]

TASK [../roles/wazuh/wazuh-indexer : Local action | Generate the node & admin certificates in local] ***************************************************************************************************************************************
skipping: [192.168.57.46]

TASK [../roles/wazuh/wazuh-indexer : Local action | Check for Docker installation on macOS] ************************************************************************************************************************************************
changed: [192.168.57.46 -> localhost]

TASK [../roles/wazuh/wazuh-indexer : Local action | Fail if Docker is not installed] *******************************************************************************************************************************************************
skipping: [192.168.57.46]

TASK [../roles/wazuh/wazuh-indexer : Local action | Run Docker container on macOS] *********************************************************************************************************************************************************
changed: [192.168.57.46 -> localhost]

TASK [../roles/wazuh/wazuh-indexer : Local action | Remove Docker image after execution] ***************************************************************************************************************************************************
changed: [192.168.57.46 -> localhost]

TASK [../roles/wazuh/wazuh-indexer : RedHat/CentOS/Fedora | Add Wazuh indexer repo] ********************************************************************************************************************************************************
skipping: [192.168.57.46]

cbordon@cbordon-MS-7C88:~/Documents/wazuh/repositorios/wazuh-ansible$ ls -la playbooks/indexer/certificates/
total 16
drwxr-xr-x 3 root root 4096 jun 27 16:29 .
drwxr-xr-x 3 root root 4096 jun 27 16:29 ..
-rw-r--r-- 1 root root  205 jun 27 16:29 config.yml
dr-x------ 2 root root 4096 jun 27 16:29 wazuh-certificates
cbordon@cbordon-MS-7C88:~/Documents/wazuh/repositorios/wazuh-ansible$ sudo ls -la playbooks/indexer/certificates/wazuh-certificates/
total 40
dr-x------ 2 root             root             4096 jun 27 16:29 .
drwxr-xr-x 3 root             root             4096 jun 27 16:29 ..
-r-------- 1 cbordon          cbordon          1704 jun 27 16:29 admin-key.pem
-r-------- 1 cbordon          cbordon          1119 jun 27 16:29 admin.pem
-r-------- 1 cbordon          cbordon          1704 jun 27 16:29 node-1-key.pem
-r-------- 1 cbordon          cbordon          1277 jun 27 16:29 node-1.pem
-r-------- 1 cbordon          cbordon          1704 jun 27 16:29 root-ca.key
-r-------- 1 systemd-coredump systemd-coredump 1704 jun 27 16:29 root-ca-manager.key
-r-------- 1 systemd-coredump systemd-coredump 1204 jun 27 16:29 root-ca-manager.pem
-r-------- 1 cbordon          cbordon          1204 jun 27 16:29 root-ca.pem
cbordon@cbordon-MS-7C88:~/Documents/wazuh/repositorios/wazuh-ansible$ cat playbooks/indexer/certificates/config.yml 
nodes:
  # Indexer server nodes
  indexer:
    - name: node-1
      ip: 127.0.0.1

  # Wazuh server nodes
  # Use node_type only with more than one Wazuh manager
  server:

  # Dashboard node
  dashboard:

@c-bordon
Copy link
Member

Test installation in Linux:

  TASK [../roles/wazuh/wazuh-dashboard : Copy the certificates from local to the Wazuh dashboard instance] ***********************************************************************************************************************************
changed: [192.168.57.46] => (item=root-ca.pem)
changed: [192.168.57.46] => (item=node-1-key.pem)
changed: [192.168.57.46] => (item=node-1.pem)

TASK [../roles/wazuh/wazuh-dashboard : Copy Configuration File] ****************************************************************************************************************************************************************************
changed: [192.168.57.46]

TASK [../roles/wazuh/wazuh-dashboard : Ensuring Wazuh dashboard directory owner] ***********************************************************************************************************************************************************
ok: [192.168.57.46]

TASK [../roles/wazuh/wazuh-dashboard : Wait for Wazuh-Indexer port] ************************************************************************************************************************************************************************
ok: [192.168.57.46]

TASK [../roles/wazuh/wazuh-dashboard : Select correct API protocol] ************************************************************************************************************************************************************************
ok: [192.168.57.46]

TASK [../roles/wazuh/wazuh-dashboard : Attempting to delete legacy Wazuh index if exists] **************************************************************************************************************************************************
ok: [192.168.57.46]

TASK [../roles/wazuh/wazuh-dashboard : Create Wazuh Plugin config directory] ***************************************************************************************************************************************************************
ok: [192.168.57.46]

TASK [../roles/wazuh/wazuh-dashboard : Configure Wazuh Dashboard Plugin] *******************************************************************************************************************************************************************
ok: [192.168.57.46]

TASK [../roles/wazuh/wazuh-dashboard : Configure opensearch.password in opensearch_dashboards.keystore] ************************************************************************************************************************************
changed: [192.168.57.46]

TASK [../roles/wazuh/wazuh-dashboard : Ensure Wazuh dashboard started and enabled] *********************************************************************************************************************************************************
changed: [192.168.57.46]

TASK [../roles/wazuh/wazuh-dashboard : Remove Wazuh dashboard repository (and clean up left-over metadata)] ********************************************************************************************************************************
skipping: [192.168.57.46]

RUNNING HANDLER [../roles/wazuh/wazuh-indexer : restart wazuh-indexer] *********************************************************************************************************************************************************************
changed: [192.168.57.46]

RUNNING HANDLER [../roles/wazuh/ansible-wazuh-manager : restart wazuh-manager] *************************************************************************************************************************************************************
changed: [192.168.57.46]

RUNNING HANDLER [../roles/wazuh/ansible-filebeat-oss : restart filebeat] *******************************************************************************************************************************************************************
changed: [192.168.57.46]

RUNNING HANDLER [../roles/wazuh/wazuh-dashboard : restart wazuh-dashboard] *****************************************************************************************************************************************************************
changed: [192.168.57.46]

PLAY RECAP *********************************************************************************************************************************************************************************************************************************
192.168.57.46              : ok=117  changed=58   unreachable=0    failed=0    skipped=91   rescued=0    ignored=0

Screenshot_20240627_171625

@c-bordon
Copy link
Member

Test in Linux using docker:

TASK [../roles/wazuh/wazuh-indexer : Check if certificates already exists] *****************************************************************************************************************************************************************
ok: [192.168.57.151 -> localhost]

TASK [../roles/wazuh/wazuh-indexer : Local action | Create local temporary directory for certificates generation] **************************************************************************************************************************
changed: [192.168.57.151 -> localhost]

TASK [../roles/wazuh/wazuh-indexer : Local action | Check that the generation tool exists] *************************************************************************************************************************************************
skipping: [192.168.57.151]

TASK [../roles/wazuh/wazuh-indexer : Local action | Download certificates generation tool] *************************************************************************************************************************************************
skipping: [192.168.57.151]

TASK [../roles/wazuh/wazuh-indexer : Local action | Prepare the certificates generation template file] *************************************************************************************************************************************
changed: [192.168.57.151 -> localhost]

TASK [../roles/wazuh/wazuh-indexer : Local action | Generate the node & admin certificates in local] ***************************************************************************************************************************************
skipping: [192.168.57.151]

TASK [../roles/wazuh/wazuh-indexer : Local action | Check for Docker installation on macOS] ************************************************************************************************************************************************
changed: [192.168.57.151 -> localhost]

TASK [../roles/wazuh/wazuh-indexer : Local action | Fail if Docker is not installed] *******************************************************************************************************************************************************
skipping: [192.168.57.151]

TASK [../roles/wazuh/wazuh-indexer : Local action | Run Docker container on macOS] *********************************************************************************************************************************************************
changed: [192.168.57.151 -> localhost]

TASK [../roles/wazuh/wazuh-indexer : Local action | Remove Docker image after execution] ***************************************************************************************************************************************************
changed: [192.168.57.151 -> localhost]

TASK [../roles/wazuh/wazuh-indexer : RedHat/CentOS/Fedora | Add Wazuh indexer repo] ********************************************************************************************************************************************************
skipping: [192.168.57.151]

TASK [../roles/wazuh/wazuh-indexer : Install Amazon extras] ********************************************************************************************************************************************************************************
skipping: [192.168.57.151]

----

TASK [../roles/wazuh/wazuh-dashboard : Configure opensearch.password in opensearch_dashboards.keystore] ************************************************************************************************************************************
changed: [192.168.57.151]

TASK [../roles/wazuh/wazuh-dashboard : Ensure Wazuh dashboard started and enabled] *********************************************************************************************************************************************************
changed: [192.168.57.151]

TASK [../roles/wazuh/wazuh-dashboard : Remove Wazuh dashboard repository (and clean up left-over metadata)] ********************************************************************************************************************************
skipping: [192.168.57.151]

RUNNING HANDLER [../roles/wazuh/wazuh-indexer : restart wazuh-indexer] *********************************************************************************************************************************************************************
changed: [192.168.57.151]

RUNNING HANDLER [../roles/wazuh/ansible-wazuh-manager : restart wazuh-manager] *************************************************************************************************************************************************************
changed: [192.168.57.151]

RUNNING HANDLER [../roles/wazuh/ansible-filebeat-oss : restart filebeat] *******************************************************************************************************************************************************************
changed: [192.168.57.151]

RUNNING HANDLER [../roles/wazuh/wazuh-dashboard : restart wazuh-dashboard] *****************************************************************************************************************************************************************
changed: [192.168.57.151]

PLAY RECAP *********************************************************************************************************************************************************************************************************************************
192.168.57.151             : ok=117  changed=62   unreachable=0    failed=0    skipped=91   rescued=0    ignored=0

Screenshot_20240627_171617

@Enaraque
Copy link
Member

Update report

An attempt has been made to install an AIO with ansible on an ubuntu 20 VM from a macOS host machine.
When trying to install the certificates, the part of running docker containers on macOS was skipped even though the host machine was macOS.
Because of this, I got the error certificate verify failed: unable to get local issuer certificate

The output was the following:

ansible error output 
TASK [../roles/wazuh/wazuh-indexer : Local action | Create local temporary directory for certificates generation] **************************************************
changed: [192.168.56.11 -> localhost]

TASK [../roles/wazuh/wazuh-indexer : Local action | Check that the generation tool exists] *************************************************************************
ok: [192.168.56.11 -> localhost]

TASK [../roles/wazuh/wazuh-indexer : Local action | Download certificates generation tool] *************************************************************************
changed: [192.168.56.11 -> localhost]

TASK [../roles/wazuh/wazuh-indexer : Local action | Prepare the certificates generation template file] *************************************************************
changed: [192.168.56.11 -> localhost]

TASK [../roles/wazuh/wazuh-indexer : Local action | Generate the node & admin certificates in local] ***************************************************************
changed: [192.168.56.11 -> localhost]

TASK [../roles/wazuh/wazuh-indexer : Local action | Check for Docker installation on macOS] ************************************************************************
skipping: [192.168.56.11]

TASK [../roles/wazuh/wazuh-indexer : Local action | Fail if Docker is not installed] *******************************************************************************
skipping: [192.168.56.11]

TASK [../roles/wazuh/wazuh-indexer : Local action | Run Docker container on macOS] *********************************************************************************
skipping: [192.168.56.11]

TASK [../roles/wazuh/wazuh-indexer : Local action | Remove Docker image after execution] ***************************************************************************
skipping: [192.168.56.11]

TASK [../roles/wazuh/wazuh-indexer : RedHat/CentOS/Fedora | Add Wazuh indexer repo] ********************************************************************************
skipping: [192.168.56.11]

TASK [../roles/wazuh/wazuh-indexer : Install Amazon extras] ********************************************************************************************************
skipping: [192.168.56.11]

TASK [../roles/wazuh/wazuh-indexer : Configure vm.max_map_count] ***************************************************************************************************
skipping: [192.168.56.11]

TASK [../roles/wazuh/wazuh-indexer : Update vm.max_map_count] ******************************************************************************************************
skipping: [192.168.56.11]

TASK [../roles/wazuh/wazuh-indexer : RedHat/CentOS/Fedora | Install Indexer dependencies] **************************************************************************
skipping: [192.168.56.11]

TASK [../roles/wazuh/wazuh-indexer : Install Wazuh indexer] ********************************************************************************************************
skipping: [192.168.56.11]

TASK [../roles/wazuh/wazuh-indexer : Update cache] *****************************************************************************************************************
skipping: [192.168.56.11]

TASK [../roles/wazuh/wazuh-indexer : Install Wazuh indexer dependencies] *******************************************************************************************
skipping: [192.168.56.11]

TASK [../roles/wazuh/wazuh-indexer : Add apt repository signing key] ***********************************************************************************************
skipping: [192.168.56.11]

TASK [../roles/wazuh/wazuh-indexer : Import Wazuh repository GPG key] **********************************************************************************************
skipping: [192.168.56.11]

TASK [../roles/wazuh/wazuh-indexer : Set permissions for Wazuh repository GPG key] *********************************************************************************
skipping: [192.168.56.11]

TASK [../roles/wazuh/wazuh-indexer : Add Wazuh indexer repository] *************************************************************************************************
skipping: [192.168.56.11]

TASK [../roles/wazuh/wazuh-indexer : Install Wazuh indexer] ********************************************************************************************************
skipping: [192.168.56.11]

TASK [../roles/wazuh/wazuh-indexer : Remove performance analyzer plugin from Wazuh indexer] ************************************************************************
skipping: [192.168.56.11]

TASK [../roles/wazuh/wazuh-indexer : Remove Opensearch configuration file] *****************************************************************************************
skipping: [192.168.56.11]

TASK [../roles/wazuh/wazuh-indexer : Copy Opensearch Configuration File] *******************************************************************************************
skipping: [192.168.56.11]

TASK [../roles/wazuh/wazuh-indexer : include_tasks] ****************************************************************************************************************
skipping: [192.168.56.11]

TASK [../roles/wazuh/wazuh-indexer : Configure Wazuh indexer JVM memmory.] *****************************************************************************************
skipping: [192.168.56.11]

TASK [../roles/wazuh/wazuh-indexer : Ensure extra time for Wazuh indexer to start on reboots] **********************************************************************
skipping: [192.168.56.11]

TASK [../roles/wazuh/wazuh-indexer : Index files to remove] ********************************************************************************************************
skipping: [192.168.56.11]

TASK [../roles/wazuh/wazuh-indexer : Remove Index Files] ***********************************************************************************************************
skipping: [192.168.56.11]

TASK [../roles/wazuh/wazuh-indexer : Ensure Wazuh indexer started and enabled] *************************************************************************************
skipping: [192.168.56.11]

TASK [../roles/wazuh/wazuh-indexer : Wait for Wazuh indexer API] ***************************************************************************************************
skipping: [192.168.56.11]

TASK [../roles/wazuh/wazuh-indexer : Wait for Wazuh indexer API (Private IP)] **************************************************************************************
skipping: [192.168.56.11]

TASK [../roles/wazuh/wazuh-indexer : RedHat/CentOS/Fedora | Remove Wazuh indexer repository (and clean up left-over metadata)] *************************************
skipping: [192.168.56.11]

TASK [../roles/wazuh/wazuh-indexer : Reload systemd configuration] *************************************************************************************************
skipping: [192.168.56.11]

PLAY [aio] *********************************************************************************************************************************************************

TASK [Gathering Facts] *********************************************************************************************************************************************
ok: [192.168.56.11]

TASK [../roles/wazuh/wazuh-indexer : include_vars] *****************************************************************************************************************
ok: [192.168.56.11]

TASK [../roles/wazuh/wazuh-indexer : include_vars] *****************************************************************************************************************
ok: [192.168.56.11]

TASK [../roles/wazuh/wazuh-indexer : include_vars] *****************************************************************************************************************
skipping: [192.168.56.11]

TASK [../roles/wazuh/wazuh-indexer : include_vars] *****************************************************************************************************************
skipping: [192.168.56.11]

TASK [../roles/wazuh/wazuh-indexer : Check if certificates already exists] *****************************************************************************************
ok: [192.168.56.11 -> localhost]

TASK [../roles/wazuh/wazuh-indexer : Print all available facts] ****************************************************************************************************
skipping: [192.168.56.11]

TASK [../roles/wazuh/wazuh-indexer : Local action | Create local temporary directory for certificates generation] **************************************************
skipping: [192.168.56.11]

TASK [../roles/wazuh/wazuh-indexer : Local action | Check that the generation tool exists] *************************************************************************
skipping: [192.168.56.11]

TASK [../roles/wazuh/wazuh-indexer : Local action | Download certificates generation tool] *************************************************************************
skipping: [192.168.56.11]

TASK [../roles/wazuh/wazuh-indexer : Local action | Prepare the certificates generation template file] *************************************************************
skipping: [192.168.56.11]

TASK [../roles/wazuh/wazuh-indexer : Local action | Generate the node & admin certificates in local] ***************************************************************
skipping: [192.168.56.11]

TASK [../roles/wazuh/wazuh-indexer : Local action | Check for Docker installation on macOS] ************************************************************************
skipping: [192.168.56.11]

TASK [../roles/wazuh/wazuh-indexer : Local action | Fail if Docker is not installed] *******************************************************************************
skipping: [192.168.56.11]

TASK [../roles/wazuh/wazuh-indexer : Local action | Run Docker container on macOS] *********************************************************************************
skipping: [192.168.56.11]

TASK [../roles/wazuh/wazuh-indexer : Local action | Remove Docker image after execution] ***************************************************************************
skipping: [192.168.56.11]

TASK [../roles/wazuh/wazuh-indexer : RedHat/CentOS/Fedora | Add Wazuh indexer repo] ********************************************************************************
skipping: [192.168.56.11]

TASK [../roles/wazuh/wazuh-indexer : Install Amazon extras] ********************************************************************************************************
skipping: [192.168.56.11]

TASK [../roles/wazuh/wazuh-indexer : Configure vm.max_map_count] ***************************************************************************************************
skipping: [192.168.56.11]

TASK [../roles/wazuh/wazuh-indexer : Update vm.max_map_count] ******************************************************************************************************
skipping: [192.168.56.11]

TASK [../roles/wazuh/wazuh-indexer : RedHat/CentOS/Fedora | Install Indexer dependencies] **************************************************************************
skipping: [192.168.56.11]

TASK [../roles/wazuh/wazuh-indexer : Install Wazuh indexer] ********************************************************************************************************
skipping: [192.168.56.11]

TASK [../roles/wazuh/wazuh-indexer : Update cache] *****************************************************************************************************************
ok: [192.168.56.11]

TASK [../roles/wazuh/wazuh-indexer : Install Wazuh indexer dependencies] *******************************************************************************************
skipping: [192.168.56.11]

TASK [../roles/wazuh/wazuh-indexer : Add apt repository signing key] ***********************************************************************************************
fatal: [192.168.56.11]: FAILED! => {"changed": false, "dest": "/tmp/WAZUH-GPG-KEY", "elapsed": 0, "msg": "Request failed: <urlopen error [SSL: CERTIFICATE_VERIFY_FAILED] certificate verify failed: unable to get local issuer certificate (_ssl.c:1131)>", "url": "https://packages.wazuh.com/key/GPG-KEY-WAZUH"}

PLAY RECAP *********************************************************************************************************************************************************
192.168.56.11              : ok=15   changed=4    unreachable=0    failed=1    skipped=51   rescued=0    ignored=0

@c-bordon
Copy link
Member

We need to review with @teddytpc1 the behavior of delegate_to parameter

@c-bordon
Copy link
Member

New approach.

We change the form of validation since the systems check does not work for us because Ansible validates the target system. In this case, it omits validating the host (macOS), so we will use a variable to validate this. With this, the user who runs Ansible on macOS must change the variable to true for the deployment to work correctly:

Test with the variable in false

TASK [../roles/wazuh/wazuh-indexer : include_vars] *****************************************************************************************************************************************************************************************
skipping: [192.168.57.103]

TASK [../roles/wazuh/wazuh-indexer : Check if certificates already exists] *****************************************************************************************************************************************************************
ok: [192.168.57.103 -> localhost]

TASK [../roles/wazuh/wazuh-indexer : Local action | Create local temporary directory for certificates generation] **************************************************************************************************************************
changed: [192.168.57.103 -> localhost]

TASK [../roles/wazuh/wazuh-indexer : Local action | Check that the generation tool exists] *************************************************************************************************************************************************
ok: [192.168.57.103 -> localhost]

TASK [../roles/wazuh/wazuh-indexer : Local action | Download certificates generation tool] *************************************************************************************************************************************************
changed: [192.168.57.103 -> localhost]

TASK [../roles/wazuh/wazuh-indexer : Local action | Prepare the certificates generation template file] *************************************************************************************************************************************
changed: [192.168.57.103 -> localhost]

TASK [../roles/wazuh/wazuh-indexer : Local action | Generate the node & admin certificates in local] ***************************************************************************************************************************************
changed: [192.168.57.103 -> localhost]

TASK [../roles/wazuh/wazuh-indexer : Local action | Check for Docker installation on macOS] ************************************************************************************************************************************************
skipping: [192.168.57.103]

TASK [../roles/wazuh/wazuh-indexer : Local action | Fail if Docker is not installed] *******************************************************************************************************************************************************
skipping: [192.168.57.103]

TASK [../roles/wazuh/wazuh-indexer : Local action | Run Docker container on macOS] *********************************************************************************************************************************************************
skipping: [192.168.57.103]

TASK [../roles/wazuh/wazuh-indexer : Local action | Remove Docker image after execution] ***************************************************************************************************************************************************
skipping: [192.168.57.103]

TASK [../roles/wazuh/wazuh-indexer : RedHat/CentOS/Fedora | Add Wazuh indexer repo] ********************************************************************************************************************************************************
skipping: [192.168.57.103]

----

TASK [../roles/wazuh/wazuh-dashboard : Configure Wazuh Dashboard Plugin] *******************************************************************************************************************************************************************
ok: [192.168.57.103]

TASK [../roles/wazuh/wazuh-dashboard : Configure opensearch.password in opensearch_dashboards.keystore] ************************************************************************************************************************************
changed: [192.168.57.103]

TASK [../roles/wazuh/wazuh-dashboard : Ensure Wazuh dashboard started and enabled] *********************************************************************************************************************************************************
changed: [192.168.57.103]

TASK [../roles/wazuh/wazuh-dashboard : Remove Wazuh dashboard repository (and clean up left-over metadata)] ********************************************************************************************************************************
skipping: [192.168.57.103]

RUNNING HANDLER [../roles/wazuh/wazuh-indexer : restart wazuh-indexer] *********************************************************************************************************************************************************************
changed: [192.168.57.103]

RUNNING HANDLER [../roles/wazuh/ansible-wazuh-manager : restart wazuh-manager] *************************************************************************************************************************************************************
changed: [192.168.57.103]

RUNNING HANDLER [../roles/wazuh/ansible-filebeat-oss : restart filebeat] *******************************************************************************************************************************************************************
changed: [192.168.57.103]

RUNNING HANDLER [../roles/wazuh/wazuh-dashboard : restart wazuh-dashboard] *****************************************************************************************************************************************************************
changed: [192.168.57.103]

PLAY RECAP *********************************************************************************************************************************************************************************************************************************
192.168.57.103             : ok=117  changed=61   unreachable=0    failed=0    skipped=91   rescued=0    ignored=0

Screenshot_20240628_104957

@c-bordon
Copy link
Member

Testing with variable in true

TASK [../roles/wazuh/wazuh-indexer : Check if certificates already exists] *****************************************************************************************************************************************************************
ok: [192.168.57.193 -> localhost]

TASK [../roles/wazuh/wazuh-indexer : Local action | Create local temporary directory for certificates generation] **************************************************************************************************************************
changed: [192.168.57.193 -> localhost]

TASK [../roles/wazuh/wazuh-indexer : Local action | Check that the generation tool exists] *************************************************************************************************************************************************
ok: [192.168.57.193 -> localhost]

TASK [../roles/wazuh/wazuh-indexer : Local action | Download certificates generation tool] *************************************************************************************************************************************************
skipping: [192.168.57.193]

TASK [../roles/wazuh/wazuh-indexer : Local action | Prepare the certificates generation template file] *************************************************************************************************************************************
changed: [192.168.57.193 -> localhost]

TASK [../roles/wazuh/wazuh-indexer : Local action | Generate the node & admin certificates in local] ***************************************************************************************************************************************
skipping: [192.168.57.193]

TASK [../roles/wazuh/wazuh-indexer : Local action | Check for Docker installation on macOS] ************************************************************************************************************************************************
changed: [192.168.57.193 -> localhost]

TASK [../roles/wazuh/wazuh-indexer : Local action | Fail if Docker is not installed] *******************************************************************************************************************************************************
skipping: [192.168.57.193]

TASK [../roles/wazuh/wazuh-indexer : Local action | Run Docker container on macOS] *********************************************************************************************************************************************************
changed: [192.168.57.193 -> localhost]

TASK [../roles/wazuh/wazuh-indexer : Local action | Remove Docker image after execution] ***************************************************************************************************************************************************
changed: [192.168.57.193 -> localhost]


---

TASK [../roles/wazuh/wazuh-dashboard : Ensure Wazuh dashboard started and enabled] *********************************************************************************************************************************************************
changed: [192.168.57.193]

TASK [../roles/wazuh/wazuh-dashboard : Remove Wazuh dashboard repository (and clean up left-over metadata)] ********************************************************************************************************************************
skipping: [192.168.57.193]

RUNNING HANDLER [../roles/wazuh/wazuh-indexer : restart wazuh-indexer] *********************************************************************************************************************************************************************
changed: [192.168.57.193]

RUNNING HANDLER [../roles/wazuh/ansible-wazuh-manager : restart wazuh-manager] *************************************************************************************************************************************************************
changed: [192.168.57.193]

RUNNING HANDLER [../roles/wazuh/ansible-filebeat-oss : restart filebeat] *******************************************************************************************************************************************************************
changed: [192.168.57.193]

RUNNING HANDLER [../roles/wazuh/wazuh-dashboard : restart wazuh-dashboard] *****************************************************************************************************************************************************************
changed: [192.168.57.193]

PLAY RECAP *********************************************************************************************************************************************************************************************************************************
192.168.57.193             : ok=118  changed=62   unreachable=0    failed=0    skipped=90   rescued=0    ignored=0

Screenshot_20240628_110358

@c-bordon
Copy link
Member

Test with macOS variable in false on Distributed deploy

TASK [../roles/wazuh/wazuh-indexer : Check if certificates already exists] *****************************************************************************************************************************************************************
ok: [wi1 -> localhost]

TASK [../roles/wazuh/wazuh-indexer : Local action | Create local temporary directory for certificates generation] **************************************************************************************************************************
changed: [wi1 -> localhost]

TASK [../roles/wazuh/wazuh-indexer : Local action | Check that the generation tool exists] *************************************************************************************************************************************************
ok: [wi1 -> localhost]

TASK [../roles/wazuh/wazuh-indexer : Local action | Download certificates generation tool] *************************************************************************************************************************************************
changed: [wi1 -> localhost]

TASK [../roles/wazuh/wazuh-indexer : Local action | Prepare the certificates generation template file] *************************************************************************************************************************************
changed: [wi1 -> localhost]

TASK [../roles/wazuh/wazuh-indexer : Local action | Generate the node & admin certificates in local] ***************************************************************************************************************************************
changed: [wi1 -> localhost]

TASK [../roles/wazuh/wazuh-indexer : Local action | Check for Docker installation on macOS] ************************************************************************************************************************************************
skipping: [wi1]

TASK [../roles/wazuh/wazuh-indexer : Local action | Fail if Docker is not installed] *******************************************************************************************************************************************************
skipping: [wi1]

TASK [../roles/wazuh/wazuh-indexer : Local action | Run Docker container on macOS] *********************************************************************************************************************************************************
skipping: [wi1]

TASK [../roles/wazuh/wazuh-indexer : Local action | Remove Docker image after execution] ***************************************************************************************************************************************************
skipping: [wi1]


---


TASK [../roles/wazuh/wazuh-dashboard : Attempting to delete legacy Wazuh index if exists] **************************************************************************************************************************************************
ok: [dashboard]

TASK [../roles/wazuh/wazuh-dashboard : Create Wazuh Plugin config directory] ***************************************************************************************************************************************************************
ok: [dashboard]

TASK [../roles/wazuh/wazuh-dashboard : Configure Wazuh Dashboard Plugin] *******************************************************************************************************************************************************************
ok: [dashboard]

TASK [../roles/wazuh/wazuh-dashboard : Configure opensearch.password in opensearch_dashboards.keystore] ************************************************************************************************************************************
changed: [dashboard]

TASK [../roles/wazuh/wazuh-dashboard : Ensure Wazuh dashboard started and enabled] *********************************************************************************************************************************************************
changed: [dashboard]

TASK [../roles/wazuh/wazuh-dashboard : Remove Wazuh dashboard repository (and clean up left-over metadata)] ********************************************************************************************************************************
skipping: [dashboard]

RUNNING HANDLER [../roles/wazuh/wazuh-dashboard : restart wazuh-dashboard] *****************************************************************************************************************************************************************
changed: [dashboard]

PLAY RECAP *********************************************************************************************************************************************************************************************************************************
dashboard                  : ok=22   changed=12   unreachable=0    failed=0    skipped=5    rescued=0    ignored=0   
manager                    : ok=60   changed=32   unreachable=0    failed=0    skipped=28   rescued=0    ignored=0   
wi1                        : ok=41   changed=27   unreachable=0    failed=0    skipped=54   rescued=0    ignored=0   
wi2                        : ok=27   changed=18   unreachable=0    failed=0    skipped=27   rescued=0    ignored=0   
wi3                        : ok=27   changed=18   unreachable=0    failed=0    skipped=27   rescued=0    ignored=0   
wi4                        : ok=0    changed=0    unreachable=1    failed=0    skipped=0    rescued=0    ignored=0   
worker                     : ok=56   changed=28   unreachable=0    failed=0    skipped=32   rescued=0    ignored=0

Screenshot_20240628_115012

@c-bordon
Copy link
Member

Test with macOS variable on true to Distributed deployment

TASK [../roles/wazuh/wazuh-indexer : Check if certificates already exists] *****************************************************************************************************************************************************************
ok: [wi1 -> localhost]

TASK [../roles/wazuh/wazuh-indexer : Local action | Create local temporary directory for certificates generation] **************************************************************************************************************************
changed: [wi1 -> localhost]

TASK [../roles/wazuh/wazuh-indexer : Local action | Check that the generation tool exists] *************************************************************************************************************************************************
ok: [wi1 -> localhost]

TASK [../roles/wazuh/wazuh-indexer : Local action | Download certificates generation tool] *************************************************************************************************************************************************
skipping: [wi1]

TASK [../roles/wazuh/wazuh-indexer : Local action | Prepare the certificates generation template file] *************************************************************************************************************************************
changed: [wi1 -> localhost]

TASK [../roles/wazuh/wazuh-indexer : Local action | Generate the node & admin certificates in local] ***************************************************************************************************************************************
skipping: [wi1]

TASK [../roles/wazuh/wazuh-indexer : Local action | Check for Docker installation on macOS] ************************************************************************************************************************************************
changed: [wi1 -> localhost]

TASK [../roles/wazuh/wazuh-indexer : Local action | Fail if Docker is not installed] *******************************************************************************************************************************************************
skipping: [wi1]

TASK [../roles/wazuh/wazuh-indexer : Local action | Run Docker container on macOS] *********************************************************************************************************************************************************
changed: [wi1 -> localhost]

TASK [../roles/wazuh/wazuh-indexer : Local action | Remove Docker image after execution] ***************************************************************************************************************************************************
changed: [wi1 -> localhost]


----

TASK [../roles/wazuh/wazuh-dashboard : Copy Configuration File] ****************************************************************************************************************************************************************************
changed: [dashboard]

TASK [../roles/wazuh/wazuh-dashboard : Ensuring Wazuh dashboard directory owner] ***********************************************************************************************************************************************************
ok: [dashboard]

TASK [../roles/wazuh/wazuh-dashboard : Wait for Wazuh-Indexer port] ************************************************************************************************************************************************************************
ok: [dashboard]

TASK [../roles/wazuh/wazuh-dashboard : Select correct API protocol] ************************************************************************************************************************************************************************
ok: [dashboard]

TASK [../roles/wazuh/wazuh-dashboard : Attempting to delete legacy Wazuh index if exists] **************************************************************************************************************************************************
ok: [dashboard]

TASK [../roles/wazuh/wazuh-dashboard : Create Wazuh Plugin config directory] ***************************************************************************************************************************************************************
ok: [dashboard]

TASK [../roles/wazuh/wazuh-dashboard : Configure Wazuh Dashboard Plugin] *******************************************************************************************************************************************************************
ok: [dashboard]

TASK [../roles/wazuh/wazuh-dashboard : Configure opensearch.password in opensearch_dashboards.keystore] ************************************************************************************************************************************
changed: [dashboard]

TASK [../roles/wazuh/wazuh-dashboard : Ensure Wazuh dashboard started and enabled] *********************************************************************************************************************************************************
changed: [dashboard]

TASK [../roles/wazuh/wazuh-dashboard : Remove Wazuh dashboard repository (and clean up left-over metadata)] ********************************************************************************************************************************
skipping: [dashboard]

RUNNING HANDLER [../roles/wazuh/wazuh-dashboard : restart wazuh-dashboard] *****************************************************************************************************************************************************************
changed: [dashboard]

PLAY RECAP *********************************************************************************************************************************************************************************************************************************
dashboard                  : ok=22   changed=12   unreachable=0    failed=0    skipped=5    rescued=0    ignored=0   
manager                    : ok=60   changed=32   unreachable=0    failed=0    skipped=28   rescued=0    ignored=0   
wi1                        : ok=42   changed=28   unreachable=0    failed=0    skipped=53   rescued=0    ignored=0   
wi2                        : ok=27   changed=18   unreachable=0    failed=0    skipped=27   rescued=0    ignored=0   
wi3                        : ok=27   changed=18   unreachable=0    failed=0    skipped=27   rescued=0    ignored=0   
worker                     : ok=56   changed=28   unreachable=0    failed=0    skipped=32   rescued=0    ignored=0

Screenshot_20240628_124123

@c-bordon c-bordon mentioned this issue Jun 28, 2024
Merged
@c-bordon c-bordon linked a pull request Jun 28, 2024 that will close this issue
Added support for deploying to an Ansible node on macOS #1325
Merged
@c-bordon c-bordon mentioned this issue Jun 28, 2024
Merged
7 tasks
@c-bordon c-bordon linked a pull request Jun 28, 2024 that will close this issue
Added warning note for Ansible deployment when using macOS as Ansible node wazuh/wazuh-documentation#7485
Merged
7 tasks
@Enaraque
Copy link
Member

Update report

When running the playbook from a native macOS, everything works as expected. The certificates are created correctly via the docker image and the installation of the AIO on the remote machine completes correctly.

Tests

Playbook execution

Deploy logs 
sudo ansible-playbook playbooks/wazuh-single.yml -i inventory_aio

PLAY [aio] *******************************************************************************************************************************************************************************************************************************

TASK [Gathering Facts] *******************************************************************************************************************************************************************************************************************
[WARNING]: Platform linux on host 3.85.101.227 is using the discovered Python interpreter at /usr/bin/python3.10, but future installation of another Python interpreter could change the meaning of that path. See
https://docs.ansible.com/ansible-core/2.17/reference_appendices/interpreter_discovery.html for more information.
ok: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : include_vars] ***************************************************************************************************************************************************************************************
ok: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : include_vars] ***************************************************************************************************************************************************************************************
ok: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : include_vars] ***************************************************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : include_vars] ***************************************************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Check if certificates already exists] ***************************************************************************************************************************************************************
ok: [3.85.101.227 -> localhost]

TASK [../roles/wazuh/wazuh-indexer : Local action | Create local temporary directory for certificates generation] ************************************************************************************************************************
changed: [3.85.101.227 -> localhost]

TASK [../roles/wazuh/wazuh-indexer : Local action | Check that the generation tool exists] ***********************************************************************************************************************************************
ok: [3.85.101.227 -> localhost]

TASK [../roles/wazuh/wazuh-indexer : Local action | Download certificates generation tool] ***********************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Local action | Prepare the certificates generation template file] ***********************************************************************************************************************************
changed: [3.85.101.227 -> localhost]

TASK [../roles/wazuh/wazuh-indexer : Local action | Generate the node & admin certificates in local] *************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Local action | Check for Docker installation on macOS] **********************************************************************************************************************************************
changed: [3.85.101.227 -> localhost]

TASK [../roles/wazuh/wazuh-indexer : Local action | Fail if Docker is not installed] *****************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Local action | Run Docker container on macOS] *******************************************************************************************************************************************************
changed: [3.85.101.227 -> localhost]

TASK [../roles/wazuh/wazuh-indexer : Local action | Remove Docker image after execution] *************************************************************************************************************************************************
changed: [3.85.101.227 -> localhost]

TASK [../roles/wazuh/wazuh-indexer : RedHat/CentOS/Fedora | Add Wazuh indexer repo] ******************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Install Amazon extras] ******************************************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Configure vm.max_map_count] *************************************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Update vm.max_map_count] ****************************************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : RedHat/CentOS/Fedora | Install Indexer dependencies] ************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Install Wazuh indexer] ******************************************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Update cache] ***************************************************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Install Wazuh indexer dependencies] *****************************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Add apt repository signing key] *********************************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Import Wazuh repository GPG key] ********************************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Set permissions for Wazuh repository GPG key] *******************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Add Wazuh indexer repository] ***********************************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Install Wazuh indexer] ******************************************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Remove performance analyzer plugin from Wazuh indexer] **********************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Remove Opensearch configuration file] ***************************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Copy Opensearch Configuration File] *****************************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : include_tasks] **************************************************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Configure Wazuh indexer JVM memmory.] ***************************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Ensure extra time for Wazuh indexer to start on reboots] ********************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Index files to remove] ******************************************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Remove Index Files] *********************************************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Ensure Wazuh indexer started and enabled] ***********************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Wait for Wazuh indexer API] *************************************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Wait for Wazuh indexer API (Private IP)] ************************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : RedHat/CentOS/Fedora | Remove Wazuh indexer repository (and clean up left-over metadata)] ***********************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Reload systemd configuration] ***********************************************************************************************************************************************************************
skipping: [3.85.101.227]

PLAY [aio] *******************************************************************************************************************************************************************************************************************************

TASK [Gathering Facts] *******************************************************************************************************************************************************************************************************************
ok: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : include_vars] ***************************************************************************************************************************************************************************************
ok: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : include_vars] ***************************************************************************************************************************************************************************************
ok: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : include_vars] ***************************************************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : include_vars] ***************************************************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Check if certificates already exists] ***************************************************************************************************************************************************************
ok: [3.85.101.227 -> localhost]

TASK [../roles/wazuh/wazuh-indexer : Local action | Create local temporary directory for certificates generation] ************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Local action | Check that the generation tool exists] ***********************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Local action | Download certificates generation tool] ***********************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Local action | Prepare the certificates generation template file] ***********************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Local action | Generate the node & admin certificates in local] *************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Local action | Check for Docker installation on macOS] **********************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Local action | Fail if Docker is not installed] *****************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Local action | Run Docker container on macOS] *******************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Local action | Remove Docker image after execution] *************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : RedHat/CentOS/Fedora | Add Wazuh indexer repo] ******************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Install Amazon extras] ******************************************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Configure vm.max_map_count] *************************************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Update vm.max_map_count] ****************************************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : RedHat/CentOS/Fedora | Install Indexer dependencies] ************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Install Wazuh indexer] ******************************************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Update cache] ***************************************************************************************************************************************************************************************
changed: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Install Wazuh indexer dependencies] *****************************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Add apt repository signing key] *********************************************************************************************************************************************************************
changed: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Import Wazuh repository GPG key] ********************************************************************************************************************************************************************
changed: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Set permissions for Wazuh repository GPG key] *******************************************************************************************************************************************************
changed: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Add Wazuh indexer repository] ***********************************************************************************************************************************************************************
changed: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Install Wazuh indexer] ******************************************************************************************************************************************************************************
changed: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Remove performance analyzer plugin from Wazuh indexer] **********************************************************************************************************************************************
changed: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Remove Opensearch configuration file] ***************************************************************************************************************************************************************
changed: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Copy Opensearch Configuration File] *****************************************************************************************************************************************************************
changed: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : include_tasks] **************************************************************************************************************************************************************************************
included: /Users/enriquearaqueespinosa/work-wazuh/wazuh-repos/wazuh-ansible/roles/wazuh/wazuh-indexer/tasks/security_actions.yml for 3.85.101.227

TASK [../roles/wazuh/wazuh-indexer : Configure IP (Private address)] *********************************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Configure IP (Public address)] **********************************************************************************************************************************************************************
ok: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Ensure Indexer certificates directory permissions.] *************************************************************************************************************************************************
changed: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Copy the node & admin certificates to Wazuh indexer cluster] ****************************************************************************************************************************************
changed: [3.85.101.227] => (item=root-ca.pem)
changed: [3.85.101.227] => (item=root-ca.key)
changed: [3.85.101.227] => (item=node-1-key.pem)
changed: [3.85.101.227] => (item=node-1.pem)
changed: [3.85.101.227] => (item=admin-key.pem)
changed: [3.85.101.227] => (item=admin.pem)

TASK [../roles/wazuh/wazuh-indexer : Restart Wazuh indexer with security configuration] **************************************************************************************************************************************************
changed: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Copy the Opensearch security internal users template] ***********************************************************************************************************************************************
changed: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Hashing the custom admin password] ******************************************************************************************************************************************************************
changed: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Set the Admin user password] ************************************************************************************************************************************************************************
changed: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Hash the kibanaserver role/user pasword] ************************************************************************************************************************************************************
changed: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Set the kibanaserver user password] *****************************************************************************************************************************************************************
changed: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Initialize the Opensearch security index in Wazuh indexer] ******************************************************************************************************************************************
changed: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Create custom user] *********************************************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Configure Wazuh indexer JVM memmory.] ***************************************************************************************************************************************************************
changed: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Ensure extra time for Wazuh indexer to start on reboots] ********************************************************************************************************************************************
changed: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Index files to remove] ******************************************************************************************************************************************************************************
ok: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Remove Index Files] *********************************************************************************************************************************************************************************
changed: [3.85.101.227] => (item={'path': '/var/lib/wazuh-indexer/rca_enabled.conf', 'mode': '0644', 'isdir': False, 'ischr': False, 'isblk': False, 'isreg': True, 'isfifo': False, 'islnk': False, 'issock': False, 'uid': 998, 'gid': 999, 'size': 5, 'inode': 531982, 'dev': 66305, 'nlink': 1, 'atime': 1720604534.381138, 'mtime': 1720604534.381138, 'ctime': 1720604534.381138, 'gr_name': 'wazuh-indexer', 'pw_name': 'wazuh-indexer', 'wusr': True, 'rusr': True, 'xusr': False, 'wgrp': False, 'rgrp': True, 'xgrp': False, 'woth': False, 'roth': True, 'xoth': False, 'isuid': False, 'isgid': False})
changed: [3.85.101.227] => (item={'path': '/var/lib/wazuh-indexer/batch_metrics_enabled.conf', 'mode': '0644', 'isdir': False, 'ischr': False, 'isblk': False, 'isreg': True, 'isfifo': False, 'islnk': False, 'issock': False, 'uid': 998, 'gid': 999, 'size': 6, 'inode': 531983, 'dev': 66305, 'nlink': 1, 'atime': 1720604534.381138, 'mtime': 1720604534.381138, 'ctime': 1720604534.385138, 'gr_name': 'wazuh-indexer', 'pw_name': 'wazuh-indexer', 'wusr': True, 'rusr': True, 'xusr': False, 'wgrp': False, 'rgrp': True, 'xgrp': False, 'woth': False, 'roth': True, 'xoth': False, 'isuid': False, 'isgid': False})
changed: [3.85.101.227] => (item={'path': '/var/lib/wazuh-indexer/performance_analyzer_enabled.conf', 'mode': '0644', 'isdir': False, 'ischr': False, 'isblk': False, 'isreg': True, 'isfifo': False, 'islnk': False, 'issock': False, 'uid': 998, 'gid': 999, 'size': 5, 'inode': 531981, 'dev': 66305, 'nlink': 1, 'atime': 1720604534.381138, 'mtime': 1720604534.381138, 'ctime': 1720604534.381138, 'gr_name': 'wazuh-indexer', 'pw_name': 'wazuh-indexer', 'wusr': True, 'rusr': True, 'xusr': False, 'wgrp': False, 'rgrp': True, 'xgrp': False, 'woth': False, 'roth': True, 'xoth': False, 'isuid': False, 'isgid': False})

TASK [../roles/wazuh/wazuh-indexer : Ensure Wazuh indexer started and enabled] ***********************************************************************************************************************************************************
ok: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Wait for Wazuh indexer API] *************************************************************************************************************************************************************************
ok: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Wait for Wazuh indexer API (Private IP)] ************************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : RedHat/CentOS/Fedora | Remove Wazuh indexer repository (and clean up left-over metadata)] ***********************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/wazuh-indexer : Reload systemd configuration] ***********************************************************************************************************************************************************************
ok: [3.85.101.227]

TASK [../roles/wazuh/ansible-wazuh-manager : Install dependencies] ***********************************************************************************************************************************************************************
ok: [3.85.101.227]

TASK [../roles/wazuh/ansible-wazuh-manager : include_vars] *******************************************************************************************************************************************************************************
ok: [3.85.101.227]

TASK [../roles/wazuh/ansible-wazuh-manager : include_vars] *******************************************************************************************************************************************************************************
ok: [3.85.101.227]

TASK [../roles/wazuh/ansible-wazuh-manager : include_vars] *******************************************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/ansible-wazuh-manager : include_vars] *******************************************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/ansible-wazuh-manager : Overlay wazuh_manager_config on top of defaults] ********************************************************************************************************************************************
ok: [3.85.101.227]

TASK [../roles/wazuh/ansible-wazuh-manager : include_tasks] ******************************************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/ansible-wazuh-manager : include_tasks] ******************************************************************************************************************************************************************************
included: /Users/enriquearaqueespinosa/work-wazuh/wazuh-repos/wazuh-ansible/roles/wazuh/ansible-wazuh-manager/tasks/Debian.yml for 3.85.101.227

TASK [../roles/wazuh/ansible-wazuh-manager : Debian/Ubuntu | Install apt-transport-https, ca-certificates and acl] ***********************************************************************************************************************
ok: [3.85.101.227]

TASK [../roles/wazuh/ansible-wazuh-manager : Debian/Ubuntu | Installing Wazuh repository key (Ubuntu 14)] ********************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/ansible-wazuh-manager : Debian/Ubuntu | Download Wazuh repository key] **********************************************************************************************************************************************
ok: [3.85.101.227]

TASK [../roles/wazuh/ansible-wazuh-manager : Debian/Ubuntu | Import Wazuh GPG key] *******************************************************************************************************************************************************
ok: [3.85.101.227]

TASK [../roles/wazuh/ansible-wazuh-manager : Debian/Ubuntu | Set permissions for Wazuh GPG key] ******************************************************************************************************************************************
ok: [3.85.101.227]

TASK [../roles/wazuh/ansible-wazuh-manager : Debian/Ubuntu | Add Wazuh repositories] *****************************************************************************************************************************************************
ok: [3.85.101.227]

TASK [../roles/wazuh/ansible-wazuh-manager : Debian/Ubuntu | Set Distribution CIS filename for Debian/Ubuntu] ****************************************************************************************************************************
ok: [3.85.101.227]

TASK [../roles/wazuh/ansible-wazuh-manager : Debian/Ubuntu | Install OpenJDK-8 repo] *****************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/ansible-wazuh-manager : Debian/Ubuntu | Install OpenJDK 1.8] ********************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/ansible-wazuh-manager : Debian/Ubuntu | Install OpenScap] ***********************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/ansible-wazuh-manager : Debian/Ubuntu | Get OpenScap installed version] *********************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/ansible-wazuh-manager : Debian/Ubuntu | Check OpenScap version] *****************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/ansible-wazuh-manager : Debian/Ubuntu | Install wazuh-manager] ******************************************************************************************************************************************************
changed: [3.85.101.227]

TASK [../roles/wazuh/ansible-wazuh-manager : include_tasks] ******************************************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/ansible-wazuh-manager : Generate the wazuh-keystore (username)] *****************************************************************************************************************************************************
changed: [3.85.101.227]

TASK [../roles/wazuh/ansible-wazuh-manager : Generate the wazuh-keystore (password)] *****************************************************************************************************************************************************
changed: [3.85.101.227]

TASK [../roles/wazuh/ansible-wazuh-manager : Install expect] *****************************************************************************************************************************************************************************
ok: [3.85.101.227]

TASK [../roles/wazuh/ansible-wazuh-manager : Generate SSL files for authd] ***************************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/ansible-wazuh-manager : Copy CA, SSL key and cert for authd] ********************************************************************************************************************************************************
skipping: [3.85.101.227] => (item=)
skipping: [3.85.101.227] => (item=sslmanager.cert)
skipping: [3.85.101.227] => (item=sslmanager.key)
skipping: [3.85.101.227]

TASK [../roles/wazuh/ansible-wazuh-manager : Verifying for old init authd service] *******************************************************************************************************************************************************
ok: [3.85.101.227]

TASK [../roles/wazuh/ansible-wazuh-manager : Verifying for old systemd authd service] ****************************************************************************************************************************************************
ok: [3.85.101.227]

TASK [../roles/wazuh/ansible-wazuh-manager : Ensure ossec-authd service is disabled] *****************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/ansible-wazuh-manager : Removing old init authd services] ***********************************************************************************************************************************************************
skipping: [3.85.101.227] => (item=/etc/init.d/ossec-authd)
skipping: [3.85.101.227] => (item=/lib/systemd/system/ossec-authd.service)
skipping: [3.85.101.227]

TASK [../roles/wazuh/ansible-wazuh-manager : Installing the local_rules.xml (default local_rules.xml)] ***********************************************************************************************************************************
changed: [3.85.101.227]

TASK [../roles/wazuh/ansible-wazuh-manager : Adding local rules files] *******************************************************************************************************************************************************************
changed: [3.85.101.227]

TASK [../roles/wazuh/ansible-wazuh-manager : Installing the local_decoder.xml] ***********************************************************************************************************************************************************
changed: [3.85.101.227]

TASK [../roles/wazuh/ansible-wazuh-manager : Adding local decoders files] ****************************************************************************************************************************************************************
changed: [3.85.101.227]

TASK [../roles/wazuh/ansible-wazuh-manager : Configure the shared-agent.conf] ************************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/ansible-wazuh-manager : Installing the local_internal_options.conf] *************************************************************************************************************************************************
changed: [3.85.101.227]

TASK [../roles/wazuh/ansible-wazuh-manager : Retrieving Agentless Credentials] ***********************************************************************************************************************************************************
ok: [3.85.101.227]

TASK [../roles/wazuh/ansible-wazuh-manager : Retrieving authd Credentials] ***************************************************************************************************************************************************************
ok: [3.85.101.227]

TASK [../roles/wazuh/ansible-wazuh-manager : Check if syslog output is enabled] **********************************************************************************************************************************************************
skipping: [3.85.101.227] => (item={'server': None, 'port': None, 'format': None})
skipping: [3.85.101.227]

TASK [../roles/wazuh/ansible-wazuh-manager : Check if client-syslog is enabled] **********************************************************************************************************************************************************
ok: [3.85.101.227]

TASK [../roles/wazuh/ansible-wazuh-manager : Enable client-syslog] ***********************************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/ansible-wazuh-manager : Check if ossec-agentlessd is enabled] *******************************************************************************************************************************************************
ok: [3.85.101.227]

TASK [../roles/wazuh/ansible-wazuh-manager : Enable ossec-agentlessd] ********************************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/ansible-wazuh-manager : Checking alert log output settings] *********************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/ansible-wazuh-manager : Configure ossec.conf] ***********************************************************************************************************************************************************************
changed: [3.85.101.227]

TASK [../roles/wazuh/ansible-wazuh-manager : Ossec-authd password] ***********************************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/ansible-wazuh-manager : Copy create_user script] ********************************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/ansible-wazuh-manager : Create admin.json] **************************************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/ansible-wazuh-manager : Execute create_user script] *****************************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/ansible-wazuh-manager : Delete create_user script] ******************************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/ansible-wazuh-manager : Agentless Hosts & Passwd] *******************************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/ansible-wazuh-manager : Encode the secret] **************************************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/ansible-wazuh-manager : Ensure Wazuh Manager service is started and enabled.] ***************************************************************************************************************************************
changed: [3.85.101.227]

TASK [../roles/wazuh/ansible-wazuh-manager : Create agent groups] ************************************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/ansible-wazuh-manager : Run uninstall tasks] ************************************************************************************************************************************************************************
included: /Users/enriquearaqueespinosa/work-wazuh/wazuh-repos/wazuh-ansible/roles/wazuh/ansible-wazuh-manager/tasks/uninstall.yml for 3.85.101.227

TASK [../roles/wazuh/ansible-wazuh-manager : Debian/Ubuntu | Remove Wazuh repository.] ***************************************************************************************************************************************************
ok: [3.85.101.227]

TASK [../roles/wazuh/ansible-wazuh-manager : RedHat/CentOS/Fedora | Remove Wazuh repository (and clean up left-over metadata)] ***********************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/ansible-filebeat-oss : include_vars] ********************************************************************************************************************************************************************************
ok: [3.85.101.227]

TASK [../roles/wazuh/ansible-filebeat-oss : include_vars] ********************************************************************************************************************************************************************************
ok: [3.85.101.227]

TASK [../roles/wazuh/ansible-filebeat-oss : include_vars] ********************************************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/ansible-filebeat-oss : include_tasks] *******************************************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/ansible-filebeat-oss : include_tasks] *******************************************************************************************************************************************************************************
included: /Users/enriquearaqueespinosa/work-wazuh/wazuh-repos/wazuh-ansible/roles/wazuh/ansible-filebeat-oss/tasks/Debian.yml for 3.85.101.227

TASK [../roles/wazuh/ansible-filebeat-oss : Debian/Ubuntu | Install apt-transport-https, ca-certificates and acl] ************************************************************************************************************************
ok: [3.85.101.227]

TASK [../roles/wazuh/ansible-filebeat-oss : Debian/Ubuntu | Download Filebeat apt key.] **************************************************************************************************************************************************
ok: [3.85.101.227]

TASK [../roles/wazuh/ansible-filebeat-oss : Import Filebeat GPG key] *********************************************************************************************************************************************************************
ok: [3.85.101.227]

TASK [../roles/wazuh/ansible-filebeat-oss : Set permissions for Filebeat GPG key] ********************************************************************************************************************************************************
ok: [3.85.101.227]

TASK [../roles/wazuh/ansible-filebeat-oss : Debian/Ubuntu | Add Filebeat-oss repository.] ************************************************************************************************************************************************
ok: [3.85.101.227]

TASK [../roles/wazuh/ansible-filebeat-oss : Install Filebeat | Redhat] *******************************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/ansible-filebeat-oss : Install Filebeat | Debian] *******************************************************************************************************************************************************************
changed: [3.85.101.227]

TASK [../roles/wazuh/ansible-filebeat-oss : Checking if Filebeat Module folder file exists] **********************************************************************************************************************************************
ok: [3.85.101.227]

TASK [../roles/wazuh/ansible-filebeat-oss : Download Filebeat module package] ************************************************************************************************************************************************************
changed: [3.85.101.227]

TASK [../roles/wazuh/ansible-filebeat-oss : Unpack Filebeat module package] **************************************************************************************************************************************************************
changed: [3.85.101.227]

TASK [../roles/wazuh/ansible-filebeat-oss : Setting 0755 permission for Filebeat module folder] ******************************************************************************************************************************************
ok: [3.85.101.227]

TASK [../roles/wazuh/ansible-filebeat-oss : Checking if Filebeat Module package file exists] *********************************************************************************************************************************************
ok: [3.85.101.227]

TASK [../roles/wazuh/ansible-filebeat-oss : Delete Filebeat module package file] *********************************************************************************************************************************************************
changed: [3.85.101.227]

TASK [../roles/wazuh/ansible-filebeat-oss : Copy Filebeat configuration.] ****************************************************************************************************************************************************************
changed: [3.85.101.227]

TASK [../roles/wazuh/ansible-filebeat-oss : Fetch latest Wazuh alerts template] **********************************************************************************************************************************************************
changed: [3.85.101.227]

TASK [../roles/wazuh/ansible-filebeat-oss : include_tasks] *******************************************************************************************************************************************************************************
included: /Users/enriquearaqueespinosa/work-wazuh/wazuh-repos/wazuh-ansible/roles/wazuh/ansible-filebeat-oss/tasks/security_actions.yml for 3.85.101.227

TASK [../roles/wazuh/ansible-filebeat-oss : Ensure Filebeat SSL key pair directory exists.] **********************************************************************************************************************************************
ok: [3.85.101.227]

TASK [../roles/wazuh/ansible-filebeat-oss : Copy the certificates from local to the Manager instance] ************************************************************************************************************************************
changed: [3.85.101.227] => (item=node-1-key.pem)
changed: [3.85.101.227] => (item=node-1.pem)
changed: [3.85.101.227] => (item=root-ca.pem)

TASK [../roles/wazuh/ansible-filebeat-oss : Ensure Filebeat is started and enabled at boot.] *********************************************************************************************************************************************
changed: [3.85.101.227]

TASK [../roles/wazuh/ansible-filebeat-oss : include_tasks] *******************************************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/ansible-filebeat-oss : include_tasks] *******************************************************************************************************************************************************************************
included: /Users/enriquearaqueespinosa/work-wazuh/wazuh-repos/wazuh-ansible/roles/wazuh/ansible-filebeat-oss/tasks/RMDebian.yml for 3.85.101.227

TASK [../roles/wazuh/ansible-filebeat-oss : Debian/Ubuntu | Remove Filebeat repository (and clean up left-over metadata)] ****************************************************************************************************************
ok: [3.85.101.227]

TASK [../roles/wazuh/wazuh-dashboard : include_vars] *************************************************************************************************************************************************************************************
ok: [3.85.101.227]

TASK [../roles/wazuh/wazuh-dashboard : include_vars] *************************************************************************************************************************************************************************************
ok: [3.85.101.227]

TASK [../roles/wazuh/wazuh-dashboard : include_vars] *************************************************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/wazuh-dashboard : include_vars] *************************************************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/wazuh-dashboard : RedHat/CentOS/Fedora | Add Wazuh dashboard repo] **************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/wazuh-dashboard : Install Wazuh dashboard] **************************************************************************************************************************************************************************
skipping: [3.85.101.227]

TASK [../roles/wazuh/wazuh-dashboard : include_vars] *************************************************************************************************************************************************************************************
ok: [3.85.101.227]

TASK [../roles/wazuh/wazuh-dashboard : Download apt repository signing key] **************************************************************************************************************************************************************
ok: [3.85.101.227]

TASK [../roles/wazuh/wazuh-dashboard : Import Wazuh repository GPG key] ******************************************************************************************************************************************************************
ok: [3.85.101.227]

TASK [../roles/wazuh/wazuh-dashboard : Set permissions for Wazuh repository GPG key] *****************************************************************************************************************************************************
ok: [3.85.101.227]

TASK [../roles/wazuh/wazuh-dashboard : Debian systems | Add Wazuh dashboard repo] ********************************************************************************************************************************************************
changed: [3.85.101.227]

TASK [../roles/wazuh/wazuh-dashboard : Install Wazuh dashboard] **************************************************************************************************************************************************************************
changed: [3.85.101.227]

TASK [../roles/wazuh/wazuh-dashboard : Remove Dashboard configuration file] **************************************************************************************************************************************************************
changed: [3.85.101.227]

TASK [../roles/wazuh/wazuh-dashboard : Ensure Dashboard certificates directory permissions.] *********************************************************************************************************************************************
changed: [3.85.101.227]

TASK [../roles/wazuh/wazuh-dashboard : Copy the certificates from local to the Wazuh dashboard instance] *********************************************************************************************************************************
changed: [3.85.101.227] => (item=root-ca.pem)
changed: [3.85.101.227] => (item=node-1-key.pem)
changed: [3.85.101.227] => (item=node-1.pem)

TASK [../roles/wazuh/wazuh-dashboard : Copy Configuration File] **************************************************************************************************************************************************************************
changed: [3.85.101.227]

TASK [../roles/wazuh/wazuh-dashboard : Ensuring Wazuh dashboard directory owner] *********************************************************************************************************************************************************
ok: [3.85.101.227]

TASK [../roles/wazuh/wazuh-dashboard : Wait for Wazuh-Indexer port] **********************************************************************************************************************************************************************
ok: [3.85.101.227]

TASK [../roles/wazuh/wazuh-dashboard : Select correct API protocol] **********************************************************************************************************************************************************************
ok: [3.85.101.227]

TASK [../roles/wazuh/wazuh-dashboard : Attempting to delete legacy Wazuh index if exists] ************************************************************************************************************************************************
ok: [3.85.101.227]

TASK [../roles/wazuh/wazuh-dashboard : Create Wazuh Plugin config directory] *************************************************************************************************************************************************************
ok: [3.85.101.227]

TASK [../roles/wazuh/wazuh-dashboard : Configure Wazuh Dashboard Plugin] *****************************************************************************************************************************************************************
ok: [3.85.101.227]

TASK [../roles/wazuh/wazuh-dashboard : Configure opensearch.password in opensearch_dashboards.keystore] **********************************************************************************************************************************
changed: [3.85.101.227]

TASK [../roles/wazuh/wazuh-dashboard : Ensure Wazuh dashboard started and enabled] *******************************************************************************************************************************************************
changed: [3.85.101.227]

TASK [../roles/wazuh/wazuh-dashboard : Remove Wazuh dashboard repository (and clean up left-over metadata)] ******************************************************************************************************************************
skipping: [3.85.101.227]

RUNNING HANDLER [../roles/wazuh/wazuh-indexer : restart wazuh-indexer] *******************************************************************************************************************************************************************
changed: [3.85.101.227]

RUNNING HANDLER [../roles/wazuh/ansible-wazuh-manager : restart wazuh-manager] ***********************************************************************************************************************************************************
changed: [3.85.101.227]

RUNNING HANDLER [../roles/wazuh/ansible-filebeat-oss : restart filebeat] *****************************************************************************************************************************************************************
changed: [3.85.101.227]

RUNNING HANDLER [../roles/wazuh/wazuh-dashboard : restart wazuh-dashboard] ***************************************************************************************************************************************************************
changed: [3.85.101.227]

PLAY RECAP *******************************************************************************************************************************************************************************************************************************
3.85.101.227               : ok=118  changed=56   unreachable=0    failed=0    skipped=90   rescued=0    ignored=0
  • Certificates creation
tree playbooks/indexer/
playbooks/indexer/
└── certificates
    ├── config.yml
    └── wazuh-certificates
        ├── admin-key.pem
        ├── admin.pem
        ├── node-1-key.pem
        ├── node-1.pem
        ├── root-ca-manager.key
        ├── root-ca-manager.pem
        ├── root-ca.key
        └── root-ca.pem

Services status

Manager status 
root@ip-172-31-38-135:/home/ubuntu# systemctl status wazuh-manager
● wazuh-manager.service - Wazuh manager
     Loaded: loaded (/lib/systemd/system/wazuh-manager.service; enabled; vendor preset: enabled)
     Active: active (running) since Wed 2024-07-10 09:55:51 UTC; 1min 47s ago
    Process: 62129 ExecStart=/usr/bin/env /var/ossec/bin/wazuh-control start (code=exited, status=0/SUCCESS)
      Tasks: 153 (limit: 9405)
     Memory: 910.0M
        CPU: 44.299s
     CGroup: /system.slice/wazuh-manager.service
             ├─62206 /var/ossec/framework/python/bin/python3 /var/ossec/api/scripts/wazuh-apid.py
             ├─62207 /var/ossec/framework/python/bin/python3 /var/ossec/api/scripts/wazuh-apid.py
             ├─62210 /var/ossec/framework/python/bin/python3 /var/ossec/api/scripts/wazuh-apid.py
             ├─62213 /var/ossec/framework/python/bin/python3 /var/ossec/api/scripts/wazuh-apid.py
             ├─62256 /var/ossec/bin/wazuh-authd
             ├─62272 /var/ossec/bin/wazuh-db
             ├─62296 /var/ossec/bin/wazuh-execd
             ├─62311 /var/ossec/bin/wazuh-analysisd
             ├─62322 /var/ossec/bin/wazuh-syscheckd
             ├─62370 /var/ossec/bin/wazuh-remoted
             ├─62404 /var/ossec/bin/wazuh-logcollector
             ├─62423 /var/ossec/bin/wazuh-monitord
             └─62450 /var/ossec/bin/wazuh-modulesd

Jul 10 09:55:43 ip-172-31-38-135 env[62129]: Started wazuh-analysisd...
Jul 10 09:55:44 ip-172-31-38-135 env[62129]: Started wazuh-syscheckd...
Jul 10 09:55:46 ip-172-31-38-135 env[62129]: Started wazuh-remoted...
Jul 10 09:55:47 ip-172-31-38-135 env[62129]: Started wazuh-logcollector...
Jul 10 09:55:48 ip-172-31-38-135 env[62129]: Started wazuh-monitord...
Jul 10 09:55:48 ip-172-31-38-135 env[62446]: 2024/07/10 09:55:48 wazuh-modulesd:router: INFO: Loaded router module.
Jul 10 09:55:48 ip-172-31-38-135 env[62446]: 2024/07/10 09:55:48 wazuh-modulesd:content_manager: INFO: Loaded content_manager module.
Jul 10 09:55:49 ip-172-31-38-135 env[62129]: Started wazuh-modulesd...
Jul 10 09:55:51 ip-172-31-38-135 env[62129]: Completed.
Jul 10 09:55:51 ip-172-31-38-135 systemd[1]: Started Wazuh manager.
Indexer status 
root@ip-172-31-38-135:/home/ubuntu# systemctl status wazuh-indexer
● wazuh-indexer.service - Wazuh-indexer
     Loaded: loaded (/lib/systemd/system/wazuh-indexer.service; enabled; vendor preset: enabled)
     Active: active (running) since Wed 2024-07-10 09:55:19 UTC; 2min 24s ago
       Docs: https://documentation.wazuh.com
   Main PID: 61649 (java)
      Tasks: 62 (limit: 9405)
     Memory: 4.3G
        CPU: 1min 14.562s
     CGroup: /system.slice/wazuh-indexer.service
             └─61649 /usr/share/wazuh-indexer/jdk/bin/java -Xshare:auto -Dopensearch.networkaddress.cache.ttl=60 -Dopensearch.networkaddress.cache.negative.ttl=10 -XX:+AlwaysPreTouch -Xss1m -Djava.awt.headless=true -Dfile.encoding=UT>

Jul 10 09:54:31 ip-172-31-38-135 systemd[1]: Starting Wazuh-indexer...
Jul 10 09:54:43 ip-172-31-38-135 systemd-entrypoint[61649]: WARNING: A terminally deprecated method in java.lang.System has been called
Jul 10 09:54:43 ip-172-31-38-135 systemd-entrypoint[61649]: WARNING: System::setSecurityManager has been called by org.opensearch.bootstrap.OpenSearch (file:/usr/share/wazuh-indexer/lib/opensearch-2.10.0.jar)
Jul 10 09:54:43 ip-172-31-38-135 systemd-entrypoint[61649]: WARNING: Please consider reporting this to the maintainers of org.opensearch.bootstrap.OpenSearch
Jul 10 09:54:43 ip-172-31-38-135 systemd-entrypoint[61649]: WARNING: System::setSecurityManager will be removed in a future release
Jul 10 09:54:46 ip-172-31-38-135 systemd-entrypoint[61649]: WARNING: A terminally deprecated method in java.lang.System has been called
Jul 10 09:54:46 ip-172-31-38-135 systemd-entrypoint[61649]: WARNING: System::setSecurityManager has been called by org.opensearch.bootstrap.Security (file:/usr/share/wazuh-indexer/lib/opensearch-2.10.0.jar)
Jul 10 09:54:46 ip-172-31-38-135 systemd-entrypoint[61649]: WARNING: Please consider reporting this to the maintainers of org.opensearch.bootstrap.Security
Jul 10 09:54:46 ip-172-31-38-135 systemd-entrypoint[61649]: WARNING: System::setSecurityManager will be removed in a future release
Jul 10 09:55:19 ip-172-31-38-135 systemd[1]: Started Wazuh-indexer.
Dashboard status 
root@ip-172-31-38-135:/home/ubuntu# systemctl status wazuh-dashboard
● wazuh-dashboard.service - wazuh-dashboard
     Loaded: loaded (/etc/systemd/system/wazuh-dashboard.service; enabled; vendor preset: enabled)
     Active: active (running) since Wed 2024-07-10 09:56:00 UTC; 1min 48s ago
   Main PID: 63438 (node)
      Tasks: 11 (limit: 9405)
     Memory: 195.2M
        CPU: 13.299s
     CGroup: /system.slice/wazuh-dashboard.service
             └─63438 /usr/share/wazuh-dashboard/node/bin/node --no-warnings --max-http-header-size=65536 --unhandled-rejections=warn /usr/share/wazuh-dashboard/src/cli/dist
Filebeat output 
root@ip-172-31-38-135:/home/ubuntu# filebeat test output
elasticsearch: https://127.0.0.1:9200...
  parse url... OK
  connection...
    parse host... OK
    dns lookup... OK
    addresses: 127.0.0.1
    dial up... OK
  TLS...
    security: server's certificate chain verification is enabled
    handshake... OK
    TLS version: TLSv1.3
    dial up... OK
  talk to server... OK
  version: 7.10.2

Dashboard connection

Captura de pantalla 2024-07-10 a las 12 13 01

@AirP0WeR
Copy link

Same bug on mac for me, thanks for fix it.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@c-bordon c-bordon

Labels
level/task Subtask issue reporter/community Issue reported by the community type/bug
Projects
Release 5.0.0
Status: Done
Milestone
No milestone
6 participants
@AirP0WeR @dmaasland @vikman90 @c-bordon @Enaraque @mrjson79