Extend Ansible support for macOS endpoints #1083

davidcr01 · 2023-10-17T10:22:45Z

Description

Related issue: #768

The aim of this PR is to extend the Wazuh Ansible deployment to macOS endpoints. This means that this alternative is now able to install the Wazuh agent in the macOS systems.
A new role macOS.yml has been created and the ossec.conf template has been updated to support macOS configurations.

This new role supports the three types of enrollment: auto-enrollment (default), via API and via agentd.

Testing

To ensure that this deployment is supported in every macOS-supported versions, is necessary to perform several tests.

Intel

🟢 macOS Sierra

PLAY [sierra,bigsur] ***********************************************************************************

TASK [Gathering Facts] *********************************************************************************
[WARNING]: Platform darwin on host 10.10.0.251 is using the discovered Python interpreter at
/usr/bin/python2.7, but future installation of another Python interpreter could change the meaning of
that path. See https://docs.ansible.com/ansible-
core/2.15/reference_appendices/interpreter_discovery.html for more information.
ok: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : include_vars] ***********************************************
ok: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : include_vars] ***********************************************
ok: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : include_vars] ***********************************************
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : include_vars] ***********************************************
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : Overlay wazuh_agent_config on top of defaults] **************
ok: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : include_tasks] **********************************************
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : include_tasks] **********************************************
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : include_tasks] **********************************************
included: /home/davidcr01/Wazuh/ansible/roles/wazuh/ansible-wazuh-agent/tasks/macOS.yml for 10.10.0.251

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Check architecture] *********************************
changed: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Set architecture variable] **************************
ok: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Set package name and URL based on architecture] *****
ok: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Check if Wazuh installer is already downloaded] *****
ok: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Download Wazuh Agent package] ***********************
changed: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Check if Wazuh Agent is already installed] **********
ok: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Install Agent if not already installed] *************
changed: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Check if client.keys exists] ************************
ok: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : Copy CA root certificate to verify authd] *******************
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : Copy TLS/SSL certificate for agent verification] ************
skipping: [10.10.0.251] => (item=/home/davidcr01/test/sslagent.cert) 
skipping: [10.10.0.251] => (item=/home/davidcr01/test/sslagent.key) 
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Register agent (via authd)] *************************
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Verify agent registration] **************************
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Establish target Wazuh Manager for registration task] ***
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Obtain JWT Token] ***********************************
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Create the agent key via rest-API] ******************
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Validate registered agent key matches manager record] ***
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Import Key (via rest-API)] **************************
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Agent registration via auto-enrollment] *************
ok: [10.10.0.251] => {
    "msg": "Agent registration will be performed through enrollment option in templated ossec.conf"
}

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Ensure group "wazuh" exists] ************************
ok: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Installing agent configuration (ossec.conf)] ********
changed: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Installing local_internal_options.conf] *************
changed: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : Create auto-enrollment password file] ***********************
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Delete downloaded Wazuh agent installer file] *******
changed: [10.10.0.251]

RUNNING HANDLER [../roles/wazuh/ansible-wazuh-agent : macOS | Restart Wazuh Agent] *********************
changed: [10.10.0.251]

PLAY RECAP *********************************************************************************************
10.10.0.251                : ok=19   changed=7    unreachable=0    failed=0    skipped=14   rescued=0    ignored=0

🟢 macOS High Sierra

PLAY [highsierra] *******************************************************************************************************************************

TASK [Gathering Facts] **************************************************************************************************************************
[WARNING]: Platform darwin on host 10.10.0.251 is using the discovered Python interpreter at /usr/bin/python2.7, but future installation of
another Python interpreter could change the meaning of that path. See https://docs.ansible.com/ansible-
core/2.15/reference_appendices/interpreter_discovery.html for more information.
ok: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : include_vars] ****************************************************************************************
ok: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : include_vars] ****************************************************************************************
ok: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : include_vars] ****************************************************************************************
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : include_vars] ****************************************************************************************
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : Overlay wazuh_agent_config on top of defaults] *******************************************************
ok: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : include_tasks] ***************************************************************************************
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : include_tasks] ***************************************************************************************
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : include_tasks] ***************************************************************************************
included: /home/davidcr01/Wazuh/ansible/roles/wazuh/ansible-wazuh-agent/tasks/macOS.yml for 10.10.0.251

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Check architecture] **************************************************************************
changed: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Set architecture variable] *******************************************************************
ok: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Set package name and URL based on architecture] **********************************************
ok: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Check if Wazuh installer is already downloaded] **********************************************
ok: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Download Wazuh Agent package] ****************************************************************
changed: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Check if Wazuh Agent is already installed] ***************************************************
ok: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Install Agent if not already installed] ******************************************************
changed: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Check if client.keys exists] *****************************************************************
ok: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : Copy CA root certificate to verify authd] ************************************************************
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : Copy TLS/SSL certificate for agent verification] *****************************************************
skipping: [10.10.0.251] => (item=/home/davidcr01/test/sslagent.cert) 
skipping: [10.10.0.251] => (item=/home/davidcr01/test/sslagent.key) 
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Register agent (via authd)] ******************************************************************
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Verify agent registration] *******************************************************************
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Establish target Wazuh Manager for registration task] ****************************************
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Obtain JWT Token] ****************************************************************************
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Create the agent key via rest-API] ***********************************************************
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Validate registered agent key matches manager record] ****************************************
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Import Key (via rest-API)] *******************************************************************
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Agent registration via auto-enrollment] ******************************************************
ok: [10.10.0.251] => {
    "msg": "Agent registration will be performed through enrollment option in templated ossec.conf"
}

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Ensure group "wazuh" exists] *****************************************************************
ok: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Installing agent configuration (ossec.conf)] *************************************************
changed: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Installing local_internal_options.conf] ******************************************************
changed: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : Create auto-enrollment password file] ****************************************************************
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Delete downloaded Wazuh agent installer file] ************************************************
changed: [10.10.0.251]

RUNNING HANDLER [../roles/wazuh/ansible-wazuh-agent : macOS | Restart Wazuh Agent] **************************************************************
changed: [10.10.0.251]

PLAY RECAP **************************************************************************************************************************************
10.10.0.251                : ok=19   changed=7    unreachable=0    failed=0    skipped=14   rescued=0    ignored=0

🟢 macOS Mojave

> ansible-playbook wazuh-agent.yml

PLAY [mojave] ******************************************************************

TASK [Gathering Facts] *********************************************************
[WARNING]: Platform darwin on host 10.10.0.251 is using the discovered Python
interpreter at /usr/bin/python2.7, but future installation of another Python
interpreter could change the meaning of that path. See
https://docs.ansible.com/ansible-
core/2.15/reference_appendices/interpreter_discovery.html for more information.
ok: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : include_vars] ***********************
ok: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : include_vars] ***********************
ok: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : include_vars] ***********************
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : include_vars] ***********************
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : Overlay wazuh_agent_config on top of defaults] ***
ok: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : include_tasks] **********************
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : include_tasks] **********************
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : include_tasks] **********************
included: /home/davidcr01/Wazuh/ansible/roles/wazuh/ansible-wazuh-agent/tasks/macOS.yml for 10.10.0.251

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Check architecture] *********
changed: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Set architecture variable] ***
ok: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Set package name and URL based on architecture] ***
ok: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Check if Wazuh installer is already downloaded] ***
ok: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Download Wazuh Agent package] ***
changed: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Check if Wazuh Agent is already installed] ***
ok: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Install Agent if not already installed] ***
changed: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Check if client.keys exists] ***
ok: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : Copy CA root certificate to verify authd] ***
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : Copy TLS/SSL certificate for agent verification] ***
skipping: [10.10.0.251] => (item=/home/davidcr01/test/sslagent.cert) 
skipping: [10.10.0.251] => (item=/home/davidcr01/test/sslagent.key) 
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Register agent (via authd)] ***
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Verify agent registration] ***
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Establish target Wazuh Manager for registration task] ***
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Obtain JWT Token] ***********
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Create the agent key via rest-API] ***
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Validate registered agent key matches manager record] ***
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Import Key (via rest-API)] ***
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Agent registration via auto-enrollment] ***
ok: [10.10.0.251] => {
    "msg": "Agent registration will be performed through enrollment option in templated ossec.conf"
}

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Ensure group "wazuh" exists] ***
ok: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Installing agent configuration (ossec.conf)] ***
changed: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Installing local_internal_options.conf] ***
changed: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : Create auto-enrollment password file] ***
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Delete downloaded Wazuh agent installer file] ***
changed: [10.10.0.251]

RUNNING HANDLER [../roles/wazuh/ansible-wazuh-agent : macOS | Restart Wazuh Agent] ***
changed: [10.10.0.251]

PLAY RECAP *********************************************************************
10.10.0.251                : ok=19   changed=7    unreachable=0    failed=0    skipped=14   rescued=0    ignored=0

🟢 macOS Catalina

> ansible-playbook wazuh-agent.yml

PLAY [catalina] ****************************************************************

TASK [Gathering Facts] *********************************************************
[WARNING]: Platform darwin on host 10.10.0.251 is using the discovered Python
interpreter at /usr/bin/python3, but future installation of another Python
interpreter could change the meaning of that path. See
https://docs.ansible.com/ansible-
core/2.15/reference_appendices/interpreter_discovery.html for more information.
ok: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : include_vars] ***********************
ok: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : include_vars] ***********************
ok: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : include_vars] ***********************
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : include_vars] ***********************
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : Overlay wazuh_agent_config on top of defaults] ***
ok: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : include_tasks] **********************
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : include_tasks] **********************
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : include_tasks] **********************
included: /home/davidcr01/Wazuh/ansible/roles/wazuh/ansible-wazuh-agent/tasks/macOS.yml for 10.10.0.251

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Check architecture] *********
changed: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Set architecture variable] ***
ok: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Set package name and URL based on architecture] ***
ok: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Check if Wazuh installer is already downloaded] ***
ok: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Download Wazuh Agent package] ***
changed: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Check if Wazuh Agent is already installed] ***
ok: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Install Agent if not already installed] ***
changed: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Check if client.keys exists] ***
ok: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : Copy CA root certificate to verify authd] ***
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : Copy TLS/SSL certificate for agent verification] ***
skipping: [10.10.0.251] => (item=) 
skipping: [10.10.0.251] => (item=) 
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Register agent (via authd)] ***
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Verify agent registration] ***
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Establish target Wazuh Manager for registration task] ***
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Obtain JWT Token] ***********
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Create the agent key via rest-API] ***
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Validate registered agent key matches manager record] ***
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Import Key (via rest-API)] ***
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Agent registration via auto-enrollment] ***
ok: [10.10.0.251] => {
    "msg": "Agent registration will be performed through enrollment option in templated ossec.conf"
}

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Ensure group "wazuh" exists] ***
ok: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Installing agent configuration (ossec.conf)] ***
changed: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Installing local_internal_options.conf] ***
changed: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : Create auto-enrollment password file] ***
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Delete downloaded Wazuh agent installer file] ***
changed: [10.10.0.251]

RUNNING HANDLER [../roles/wazuh/ansible-wazuh-agent : macOS | Restart Wazuh Agent] ***
changed: [10.10.0.251]

PLAY RECAP *********************************************************************
10.10.0.251                : ok=19   changed=7    unreachable=0    failed=0    skipped=14   rescued=0    ignored=0

🟢 macOS Big Sur

>  ansible-playbook wazuh-agent.yml
[DEPRECATION WARNING]: DEFAULT_HASH_BEHAVIOUR option, this feature is fragile and not portable, leading to continual confusion and misuse, use the ``combine`` filter explicitly instead. This feature will be 
removed from ansible-base in version 2.13. Deprecation warnings can be disabled by setting deprecation_warnings=False in ansible.cfg.

PLAY [bigsur] *****************************************************************************************************************************************************************************************************

TASK [Gathering Facts] ********************************************************************************************************************************************************************************************
[WARNING]: Platform darwin on host 10.10.0.251 is using the discovered Python interpreter at /usr/bin/python, but future installation of another Python interpreter could change the meaning of that path. See
https://docs.ansible.com/ansible/2.10/reference_appendices/interpreter_discovery.html for more information.
ok: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : include_vars] **********************************************************************************************************************************************************
ok: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : include_vars] **********************************************************************************************************************************************************
ok: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : include_vars] **********************************************************************************************************************************************************
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : include_vars] **********************************************************************************************************************************************************
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : Overlay wazuh_agent_config on top of defaults] *************************************************************************************************************************
ok: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : include_tasks] *********************************************************************************************************************************************************
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : include_tasks] *********************************************************************************************************************************************************
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : include_tasks] *********************************************************************************************************************************************************
included: /home/nonsatus/Documents/Wazuh/Repositories/wazuh-ansible/merge/roles/wazuh/ansible-wazuh-agent/tasks/macOS.yml for 10.10.0.251

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Check architecture] ********************************************************************************************************************************************
changed: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Set architecture variable] *************************************************************************************************************************************
ok: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Set package name and URL based on architecture] ****************************************************************************************************************
ok: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Check if Wazuh installer is already downloaded] ****************************************************************************************************************
ok: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Download Wazuh Agent package] **********************************************************************************************************************************
changed: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Check if Wazuh Agent is already installed] *********************************************************************************************************************
ok: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Install Agent if not already installed] ************************************************************************************************************************
changed: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Check if client.keys exists] ***********************************************************************************************************************************
ok: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : Copy CA root certificate to verify authd] ******************************************************************************************************************************
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : Copy TLS/SSL certificate for agent verification] ***********************************************************************************************************************
skipping: [10.10.0.251] => (item=) 
skipping: [10.10.0.251] => (item=) 

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Register agent (via authd)] ************************************************************************************************************************************
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Verify agent registration] *************************************************************************************************************************************
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Establish target Wazuh Manager for registration task] **********************************************************************************************************
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Obtain JWT Token] **********************************************************************************************************************************************
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Create the agent key via rest-API] *****************************************************************************************************************************
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Validate registered agent key matches manager record] **********************************************************************************************************
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Import Key (via rest-API)] *************************************************************************************************************************************
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Agent registration via auto-enrollment] ************************************************************************************************************************
ok: [10.10.0.251] => {
    "msg": "Agent registration will be performed through enrollment option in templated ossec.conf"
}

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Ensure group "wazuh" exists] ***********************************************************************************************************************************
ok: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Installing agent configuration (ossec.conf)] *******************************************************************************************************************
changed: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Installing local_internal_options.conf] ************************************************************************************************************************
changed: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : Create auto-enrollment password file] **********************************************************************************************************************************
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Delete downloaded Wazuh agent installer file] ******************************************************************************************************************
changed: [10.10.0.251]

RUNNING HANDLER [../roles/wazuh/ansible-wazuh-agent : macOS | Restart Wazuh Agent] ********************************************************************************************************************************
changed: [10.10.0.251]

PLAY RECAP ********************************************************************************************************************************************************************************************************
10.10.0.251                : ok=19   changed=7    unreachable=0    failed=0    skipped=14   rescued=0    ignored=0

🟢 macOS Monterey

PLAY [macos] *******************************************************************************************

TASK [Gathering Facts] *********************************************************************************
[WARNING]: Platform darwin on host 10.10.0.251 is using the discovered Python interpreter at
/usr/bin/python3, but future installation of another Python interpreter could change the meaning of
that path. See https://docs.ansible.com/ansible-
core/2.15/reference_appendices/interpreter_discovery.html for more information.
ok: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : include_vars] ***********************************************
ok: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : include_vars] ***********************************************
ok: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : include_vars] ***********************************************
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : include_vars] ***********************************************
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : Overlay wazuh_agent_config on top of defaults] **************
ok: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : include_tasks] **********************************************
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : include_tasks] **********************************************
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : include_tasks] **********************************************
included: /home/davidcr01/Wazuh/ansible/roles/wazuh/ansible-wazuh-agent/tasks/macOS.yml for 10.10.0.251

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Check architecture] *********************************
changed: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Set architecture variable] **************************
ok: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Set package name and URL based on architecture] *****
ok: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Check if Wazuh installer is already downloaded] *****
ok: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Download Wazuh Agent package] ***********************
changed: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Check if Wazuh Agent is already installed] **********
ok: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Check if client.keys exists] ************************
ok: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : Copy CA root certificate to verify authd] *******************
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : Copy TLS/SSL certificate for agent verification] ************
skipping: [10.10.0.251] => (item=/home/davidcr01/test/sslagent.cert) 
skipping: [10.10.0.251] => (item=/home/davidcr01/test/sslagent.key) 
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Register agent (via authd)] *************************
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Verify agent registration] **************************
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Establish target Wazuh Manager for registration task] ***
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Obtain JWT Token] ***********************************
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Create the agent key via rest-API] ******************
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Validate registered agent key matches manager record] ***
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Import Key (via rest-API)] **************************
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Agent registration via auto-enrollment] *************
ok: [10.10.0.251] => {
    "msg": "Agent registration will be performed through enrollment option in templated ossec.conf"
}

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Ensure group "wazuh" exists] ************************
ok: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Installing agent configuration (ossec.conf)] ********
ok: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Installing local_internal_options.conf] *************
ok: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : Create auto-enrollment password file] ***********************
skipping: [10.10.0.251]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Delete downloaded Wazuh agent installer file] *******
changed: [10.10.0.251]

PLAY RECAP *********************************************************************************************
10.10.0.251                : ok=17   changed=3    unreachable=0    failed=0    skipped=14   rescued=0    ignored=0

🟢 macOS Ventura

ansible-playbook wazuh-agent.yml

PLAY [ventura] ********************************************************************

TASK [Gathering Facts] ************************************************************
[WARNING]: Platform darwin on host 3.85.49.188 is using the discovered Python
interpreter at /usr/bin/python3, but future installation of another Python
interpreter could change the meaning of that path. See
https://docs.ansible.com/ansible-
core/2.15/reference_appendices/interpreter_discovery.html for more information.
ok: [3.85.49.188]

TASK [../roles/wazuh/ansible-wazuh-agent : include_vars] **************************
ok: [3.85.49.188]

TASK [../roles/wazuh/ansible-wazuh-agent : include_vars] **************************
ok: [3.85.49.188]

TASK [../roles/wazuh/ansible-wazuh-agent : include_vars] **************************
skipping: [3.85.49.188]

TASK [../roles/wazuh/ansible-wazuh-agent : include_vars] **************************
skipping: [3.85.49.188]

TASK [../roles/wazuh/ansible-wazuh-agent : Overlay wazuh_agent_config on top of defaults] ***
ok: [3.85.49.188]

TASK [../roles/wazuh/ansible-wazuh-agent : include_tasks] *************************
skipping: [3.85.49.188]

TASK [../roles/wazuh/ansible-wazuh-agent : include_tasks] *************************
skipping: [3.85.49.188]

TASK [../roles/wazuh/ansible-wazuh-agent : include_tasks] *************************
included: /home/davidcr01/Wazuh/ansible/roles/wazuh/ansible-wazuh-agent/tasks/macOS.yml for 3.85.49.188

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Check architecture] ************
changed: [3.85.49.188]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Set architecture variable] *****
ok: [3.85.49.188]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Set package name and URL based on architecture] ***
ok: [3.85.49.188]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Check if Wazuh installer is already downloaded] ***
ok: [3.85.49.188]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Download Wazuh Agent package] ***
changed: [3.85.49.188]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Check if Wazuh Agent is already installed] ***
ok: [3.85.49.188]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Install Agent if not already installed] ***
changed: [3.85.49.188]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Check if client.keys exists] ***
ok: [3.85.49.188]

TASK [../roles/wazuh/ansible-wazuh-agent : Copy CA root certificate to verify authd] ***
skipping: [3.85.49.188]

TASK [../roles/wazuh/ansible-wazuh-agent : Copy TLS/SSL certificate for agent verification] ***
skipping: [3.85.49.188] => (item=) 
skipping: [3.85.49.188] => (item=) 
skipping: [3.85.49.188]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Register agent (via authd)] ****
skipping: [3.85.49.188]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Verify agent registration] *****
skipping: [3.85.49.188]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Establish target Wazuh Manager for registration task] ***
skipping: [3.85.49.188]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Obtain JWT Token] **************
skipping: [3.85.49.188]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Create the agent key via rest-API] ***
skipping: [3.85.49.188]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Validate registered agent key matches manager record] ***
skipping: [3.85.49.188]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Import Key (via rest-API)] *****
skipping: [3.85.49.188]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Agent registration via auto-enrollment] ***
ok: [3.85.49.188] => {
    "msg": "Agent registration will be performed through enrollment option in templated ossec.conf"
}

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Ensure group "wazuh" exists] ***
ok: [3.85.49.188]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Installing agent configuration (ossec.conf)] ***
changed: [3.85.49.188]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Installing local_internal_options.conf] ***
changed: [3.85.49.188]

TASK [../roles/wazuh/ansible-wazuh-agent : Create auto-enrollment password file] ***
skipping: [3.85.49.188]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Delete downloaded Wazuh agent installer file] ***
changed: [3.85.49.188]

RUNNING HANDLER [../roles/wazuh/ansible-wazuh-agent : macOS | Restart Wazuh Agent] ***
changed: [3.85.49.188]

PLAY RECAP ************************************************************************
3.85.49.188                : ok=19   changed=7    unreachable=0    failed=0    skipped=14   rescued=0    ignored=0

ARM

🟢 macOS Big Sur

> ansible-playbook wazuh-agent.yml

PLAY [bigsurARM] ************************************************************************************************************************************

TASK [Gathering Facts] ******************************************************************************************************************************
[WARNING]: Platform darwin on host 3.92.185.158 is using the discovered Python interpreter at /usr/bin/python3, but future installation of another
Python interpreter could change the meaning of that path. See https://docs.ansible.com/ansible-
core/2.15/reference_appendices/interpreter_discovery.html for more information.
ok: [3.92.185.158]

TASK [../roles/wazuh/ansible-wazuh-agent : include_vars] ********************************************************************************************
ok: [3.92.185.158]

TASK [../roles/wazuh/ansible-wazuh-agent : include_vars] ********************************************************************************************
ok: [3.92.185.158]

TASK [../roles/wazuh/ansible-wazuh-agent : include_vars] ********************************************************************************************
skipping: [3.92.185.158]

TASK [../roles/wazuh/ansible-wazuh-agent : include_vars] ********************************************************************************************
skipping: [3.92.185.158]

TASK [../roles/wazuh/ansible-wazuh-agent : Overlay wazuh_agent_config on top of defaults] ***********************************************************
ok: [3.92.185.158]

TASK [../roles/wazuh/ansible-wazuh-agent : include_tasks] *******************************************************************************************
skipping: [3.92.185.158]

TASK [../roles/wazuh/ansible-wazuh-agent : include_tasks] *******************************************************************************************
skipping: [3.92.185.158]

TASK [../roles/wazuh/ansible-wazuh-agent : include_tasks] *******************************************************************************************
included: /home/davidcr01/Wazuh/ansible/roles/wazuh/ansible-wazuh-agent/tasks/macOS.yml for 3.92.185.158

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Check architecture] ******************************************************************************
changed: [3.92.185.158]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Set architecture variable] ***********************************************************************
ok: [3.92.185.158]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Set package name and URL based on architecture] **************************************************
ok: [3.92.185.158]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Check if Wazuh installer is already downloaded] **************************************************
ok: [3.92.185.158]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Download Wazuh Agent package] ********************************************************************
changed: [3.92.185.158]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Check if Wazuh Agent is already installed] *******************************************************
ok: [3.92.185.158]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Install Agent if not already installed] **********************************************************
changed: [3.92.185.158]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Check if client.keys exists] *********************************************************************
ok: [3.92.185.158]

TASK [../roles/wazuh/ansible-wazuh-agent : Copy CA root certificate to verify authd] ****************************************************************
skipping: [3.92.185.158]

TASK [../roles/wazuh/ansible-wazuh-agent : Copy TLS/SSL certificate for agent verification] *********************************************************
skipping: [3.92.185.158] => (item=) 
skipping: [3.92.185.158] => (item=) 
skipping: [3.92.185.158]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Register agent (via authd)] **********************************************************************
skipping: [3.92.185.158]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Verify agent registration] ***********************************************************************
skipping: [3.92.185.158]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Establish target Wazuh Manager for registration task] ********************************************
skipping: [3.92.185.158]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Obtain JWT Token] ********************************************************************************
skipping: [3.92.185.158]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Create the agent key via rest-API] ***************************************************************
skipping: [3.92.185.158]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Validate registered agent key matches manager record] ********************************************
skipping: [3.92.185.158]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Import Key (via rest-API)] ***********************************************************************
skipping: [3.92.185.158]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Agent registration via auto-enrollment] **********************************************************
ok: [3.92.185.158] => {
    "msg": "Agent registration will be performed through enrollment option in templated ossec.conf"
}

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Ensure group "wazuh" exists] *********************************************************************
ok: [3.92.185.158]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Installing agent configuration (ossec.conf)] *****************************************************
changed: [3.92.185.158]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Installing local_internal_options.conf] **********************************************************
changed: [3.92.185.158]

TASK [../roles/wazuh/ansible-wazuh-agent : Create auto-enrollment password file] ********************************************************************
skipping: [3.92.185.158]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Delete downloaded Wazuh agent installer file] ****************************************************
changed: [3.92.185.158]

RUNNING HANDLER [../roles/wazuh/ansible-wazuh-agent : macOS | Restart Wazuh Agent] ******************************************************************
changed: [3.92.185.158]

PLAY RECAP ******************************************************************************************************************************************
3.92.185.158               : ok=19   changed=7    unreachable=0    failed=0    skipped=14   rescued=0    ignored=0

🟢 macOS Monterey

PLAY [montereyARM] ***********************************************************************************************************************************************

TASK [Gathering Facts] *******************************************************************************************************************************************
[WARNING]: Platform darwin on host 10.10.0.250 is using the discovered Python interpreter at /usr/bin/python3, but future installation of another Python
interpreter could change the meaning of that path. See https://docs.ansible.com/ansible-core/2.15/reference_appendices/interpreter_discovery.html for more
information.
ok: [10.10.0.250]

TASK [../roles/wazuh/ansible-wazuh-agent : include_vars] *********************************************************************************************************
ok: [10.10.0.250]

TASK [../roles/wazuh/ansible-wazuh-agent : include_vars] *********************************************************************************************************
ok: [10.10.0.250]

TASK [../roles/wazuh/ansible-wazuh-agent : include_vars] *********************************************************************************************************
skipping: [10.10.0.250]

TASK [../roles/wazuh/ansible-wazuh-agent : include_vars] *********************************************************************************************************
skipping: [10.10.0.250]

TASK [../roles/wazuh/ansible-wazuh-agent : Overlay wazuh_agent_config on top of defaults] ************************************************************************
ok: [10.10.0.250]

TASK [../roles/wazuh/ansible-wazuh-agent : include_tasks] ********************************************************************************************************
skipping: [10.10.0.250]

TASK [../roles/wazuh/ansible-wazuh-agent : include_tasks] ********************************************************************************************************
skipping: [10.10.0.250]

TASK [../roles/wazuh/ansible-wazuh-agent : include_tasks] ********************************************************************************************************
included: /home/davidcr01/Wazuh/ansible/roles/wazuh/ansible-wazuh-agent/tasks/macOS.yml for 10.10.0.250

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Check architecture] *******************************************************************************************
changed: [10.10.0.250]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Set architecture variable] ************************************************************************************
ok: [10.10.0.250]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Set package name and URL based on architecture] ***************************************************************
ok: [10.10.0.250]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Check if Wazuh installer is already downloaded] ***************************************************************
ok: [10.10.0.250]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Download Wazuh Agent package] *********************************************************************************
changed: [10.10.0.250]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Check if Wazuh Agent is already installed] ********************************************************************
ok: [10.10.0.250]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Install Agent if not already installed] ***********************************************************************
changed: [10.10.0.250]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Check if client.keys exists] **********************************************************************************
ok: [10.10.0.250]

TASK [../roles/wazuh/ansible-wazuh-agent : Copy CA root certificate to verify authd] *****************************************************************************
skipping: [10.10.0.250]

TASK [../roles/wazuh/ansible-wazuh-agent : Copy TLS/SSL certificate for agent verification] **********************************************************************
skipping: [10.10.0.250] => (item=/home/davidcr01/test/sslagent.cert) 
skipping: [10.10.0.250] => (item=/home/davidcr01/test/sslagent.key) 
skipping: [10.10.0.250]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Register agent (via authd)] ***********************************************************************************
skipping: [10.10.0.250]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Verify agent registration] ************************************************************************************
skipping: [10.10.0.250]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Establish target Wazuh Manager for registration task] *********************************************************
skipping: [10.10.0.250]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Obtain JWT Token] *********************************************************************************************
skipping: [10.10.0.250]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Create the agent key via rest-API] ****************************************************************************
skipping: [10.10.0.250]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Validate registered agent key matches manager record] *********************************************************
skipping: [10.10.0.250]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Import Key (via rest-API)] ************************************************************************************
skipping: [10.10.0.250]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Agent registration via auto-enrollment] ***********************************************************************
ok: [10.10.0.250] => {
    "msg": "Agent registration will be performed through enrollment option in templated ossec.conf"
}

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Ensure group "wazuh" exists] **********************************************************************************
ok: [10.10.0.250]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Installing agent configuration (ossec.conf)] ******************************************************************
changed: [10.10.0.250]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Installing local_internal_options.conf] ***********************************************************************
changed: [10.10.0.250]

TASK [../roles/wazuh/ansible-wazuh-agent : Create auto-enrollment password file] *********************************************************************************
skipping: [10.10.0.250]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Delete downloaded Wazuh agent installer file] *****************************************************************
changed: [10.10.0.250]

RUNNING HANDLER [../roles/wazuh/ansible-wazuh-agent : macOS | Restart Wazuh Agent] *******************************************************************************
changed: [10.10.0.250]

PLAY RECAP *******************************************************************************************************************************************************
10.10.0.250                : ok=19   changed=7    unreachable=0    failed=0    skipped=14   rescued=0    ignored=0

🟢 macOS Ventura

PLAY [venturaARM] ******************************************************************************************************

TASK [Gathering Facts] *************************************************************************************************
[WARNING]: Platform darwin on host 10.10.0.250 is using the discovered Python interpreter at /usr/bin/python3, but
future installation of another Python interpreter could change the meaning of that path. See
https://docs.ansible.com/ansible-core/2.15/reference_appendices/interpreter_discovery.html for more information.
ok: [10.10.0.250]

TASK [../roles/wazuh/ansible-wazuh-agent : include_vars] ***************************************************************
ok: [10.10.0.250]

TASK [../roles/wazuh/ansible-wazuh-agent : include_vars] ***************************************************************
ok: [10.10.0.250]

TASK [../roles/wazuh/ansible-wazuh-agent : include_vars] ***************************************************************
skipping: [10.10.0.250]

TASK [../roles/wazuh/ansible-wazuh-agent : include_vars] ***************************************************************
skipping: [10.10.0.250]

TASK [../roles/wazuh/ansible-wazuh-agent : Overlay wazuh_agent_config on top of defaults] ******************************
ok: [10.10.0.250]

TASK [../roles/wazuh/ansible-wazuh-agent : include_tasks] **************************************************************
skipping: [10.10.0.250]

TASK [../roles/wazuh/ansible-wazuh-agent : include_tasks] **************************************************************
skipping: [10.10.0.250]

TASK [../roles/wazuh/ansible-wazuh-agent : include_tasks] **************************************************************
included: /home/davidcr01/Wazuh/ansible/roles/wazuh/ansible-wazuh-agent/tasks/macOS.yml for 10.10.0.250

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Check architecture] *************************************************
changed: [10.10.0.250]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Set architecture variable] ******************************************
ok: [10.10.0.250]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Set package name and URL based on architecture] *********************
ok: [10.10.0.250]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Check if Wazuh installer is already downloaded] *********************
ok: [10.10.0.250]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Download Wazuh Agent package] ***************************************
changed: [10.10.0.250]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Check if Wazuh Agent is already installed] **************************
ok: [10.10.0.250]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Install Agent if not already installed] *****************************
changed: [10.10.0.250]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Check if client.keys exists] ****************************************
ok: [10.10.0.250]

TASK [../roles/wazuh/ansible-wazuh-agent : Copy CA root certificate to verify authd] ***********************************
skipping: [10.10.0.250]

TASK [../roles/wazuh/ansible-wazuh-agent : Copy TLS/SSL certificate for agent verification] ****************************
skipping: [10.10.0.250] => (item=/home/davidcr01/test/sslagent.cert) 
skipping: [10.10.0.250] => (item=/home/davidcr01/test/sslagent.key) 
skipping: [10.10.0.250]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Register agent (via authd)] *****************************************
skipping: [10.10.0.250]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Verify agent registration] ******************************************
skipping: [10.10.0.250]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Establish target Wazuh Manager for registration task] ***************
skipping: [10.10.0.250]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Obtain JWT Token] ***************************************************
skipping: [10.10.0.250]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Create the agent key via rest-API] **********************************
skipping: [10.10.0.250]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Validate registered agent key matches manager record] ***************
skipping: [10.10.0.250]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Import Key (via rest-API)] ******************************************
skipping: [10.10.0.250]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Agent registration via auto-enrollment] *****************************
ok: [10.10.0.250] => {
    "msg": "Agent registration will be performed through enrollment option in templated ossec.conf"
}

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Ensure group "wazuh" exists] ****************************************
ok: [10.10.0.250]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Installing agent configuration (ossec.conf)] ************************
changed: [10.10.0.250]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Installing local_internal_options.conf] *****************************
changed: [10.10.0.250]

TASK [../roles/wazuh/ansible-wazuh-agent : Create auto-enrollment password file] ***************************************
skipping: [10.10.0.250]

TASK [../roles/wazuh/ansible-wazuh-agent : macOS | Delete downloaded Wazuh agent installer file] ***********************
changed: [10.10.0.250]

RUNNING HANDLER [../roles/wazuh/ansible-wazuh-agent : macOS | Restart Wazuh Agent] *************************************
changed: [10.10.0.250]

PLAY RECAP *************************************************************************************************************
10.10.0.250                : ok=19   changed=7    unreachable=0    failed=0    skipped=14   rescued=0    ignored=0

davidcr01 added 9 commits October 3, 2023 17:04

Initial variables created

af5b41a

Initial macOS tasks created

e1568d0

Agent package is downloaded and deleted

4ef5c37

Updated ossec.conf template to support macOS

490bcff

Added authd enrollment alternative to macOS.yml

eabc38d

Updated API enrollment variables

58ed9c2

Added API enrollment alternative to macOS.yml

61c40a1

Added auto enrollment alternative to macOS.yml

07d4228

Added password path in macOS

1432f92

davidcr01 changed the title ~~Enhancement/768 extend wazuh ansible support for macos endpoints~~ Extend Ansible support for macOS endpoints Oct 17, 2023

davidcr01 requested review from teddytpc1, vcerenu and c-bordon October 17, 2023 10:23

davidcr01 self-assigned this Oct 17, 2023

vcerenu previously approved these changes Oct 17, 2023

View reviewed changes

Removed agent verification in macOS deployment

b2d2f5c

davidcr01 dismissed vcerenu’s stale review via b2d2f5c October 17, 2023 14:12

davidcr01 requested a review from vcerenu October 17, 2023 14:12

c-bordon approved these changes Oct 17, 2023

View reviewed changes

teddytpc1 approved these changes Oct 18, 2023

View reviewed changes

teddytpc1 linked an issue Oct 18, 2023 that may be closed by this pull request

Extend Wazuh ansible support for Windows and macOS endpoints #768

Closed

teddytpc1 merged commit 5dd3c0c into 4.8.0 Oct 18, 2023
12 of 18 checks passed

teddytpc1 deleted the enhancement/768-extend-wazuh-ansible-support-for-macos-endpoints branch October 18, 2023 18:09

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Extend Ansible support for macOS endpoints #1083

Extend Ansible support for macOS endpoints #1083

davidcr01 commented Oct 17, 2023 •

edited

Extend Ansible support for macOS endpoints #1083

Extend Ansible support for macOS endpoints #1083

Conversation

davidcr01 commented Oct 17, 2023 • edited

Description

Testing

Intel

ARM

davidcr01 commented Oct 17, 2023 •

edited