The unattended installation saves time deploying agents, allowing the user to predefine several installation variables instead of waiting for them to be prompted. This can be made modifying the preloaded-vars.conf
file and uncommenting the configuration lines that you want to automate during the installation process.
USER_LANGUAGE | Defines the language to be used. | |
Allowed values | "en", "br", "cn", "de", "el", "en", "es", "fr", "hu", "it", "jp", "nl", "pl", "ru", "sr", "tr" | |
USER_NO_STOP | If it is set to anything, the confirmation messages are not going to be asked for. | |
USER_INSTALL_TYPE | Defines the role for the Wazuh instance that is being installed. | |
Allowed values | "local", "agent", "server" | |
USER_DIR | Defines the location to install Wazuh. | |
Allowed values | Any path | |
USER_DELETE_DIR | If it is set to "y", the directory to install Wazuh will be removed if exists. | |
Allowed values | "y", "n" | |
USER_ENABLE_ACTIVE_RESPONSE | If it is set to "n", active response will be disabled. | |
Allowed values | "y", "n" | |
USER_ENABLE_SYSCHECK | If it is set to "n", syscheck will be disabled. | |
Allowed values | "y", "n" | |
USER_ENABLE_ROOTCHECK | If it is set to "n", rootcheck will be disabled. | |
Allowed values | "y", "n" | |
USER_ENABLE_OPENSCAP | If it is set to "n", OpenSCAP will be disabled. | |
Allowed values | "y", "n" | |
USER_ENABLE_AUTHD | If it is set to "y", Authd will be enabled. | |
Allowed values | "y", "n" | |
USER_GENERATE_AUTHD_CERT | If it is set to "y", the Authd certificate will be auto generated. | |
Allowed values | "y", "n" | |
USER_UPDATE | If it is set to anything, the update installation will be done. | |
USER_BINARYINSTALL | If it is set to anything, the installation is not going to compile the code, but use the binaries from ./bin/ |
USER_AGENT_SERVER_IP | Specifies the IP address of the Wazuh server. |
USER_AGENT_SERVER_NAME | Specifies the hostname of the Wazuh server. |
USER_AGENT_CONFIG_PROFILE | Specifies the agent's config profile name. This is used to create a configuration profiles for this particular profile name. |
Example:
USER_LANGUAGE="en"
USER_NO_STOP="y"
USER_INSTALL_TYPE="agent"
USER_DIR="/var/ossec"
USER_ENABLE_SYSCHECK="y"
USER_ENABLE_ROOTCHECK="y"
USER_ENABLE_OPENSCAP="y"
USER_ENABLE_ACTIVE_RESPONSE="y"
USER_ENABLE_EMAIL | Enables or disables alerts by e-mail. | |
Allowed values | "y", "n" | |
USER_AUTO_START | Enables or disables the auto-start of Wazuh. | |
USER_EMAIL_ADDRESS | Defines the destination e-mail for the alerts. | |
Allowed values | A valid e-mail address. | |
USER_EMAIL_SMTP | Defines the SMTP server to send the e-mails. | |
Allowed values | A valid SMTP server. | |
USER_ENABLE_SYSLOG | Enables or disables remote syslog. | |
Allowed values | "y", "n" | |
USER_WHITE_LIST | List of IPs or networks that are going to be set to never be blocked. | |
USER_CA_STORE | Assign the path to a X509 certificate or to a folder containing certificates to verify incoming WPK packages for remote upgrades. |
Example:
USER_LANGUAGE="en"
USER_NO_STOP="y"
USER_INSTALL_TYPE="server"
USER_DIR="/var/ossec"
USER_ENABLE_EMAIL="n"
USER_ENABLE_SYSCHECK="y"
USER_ENABLE_ROOTCHECK="y"
USER_ENABLE_OPENSCAP="y"
USER_WHITE_LIST="n"
USER_ENABLE_SYSLOG="y"
Parameters for install_api.sh
:
REINSTALL | Reinstall Wazuh. | |
Allowed values | "y", "n" | |
REMOVE | Remove current installation. | |
Allowed values | "y", "n" | |
DIRECTORY | Installation directory. | |
Allowed values | Any path |
Parameters for configure_api.sh
:
PORT | The port used to connect to the Wazuh API. | |
Allowed values | Any valid port. | |
HTTPS | Enable HTTPS. | |
Allowed values | "y", "n" | |
AUTHD | Enable Authd authentication. | |
Allowed values | "y", "n" | |
PROXY | Change proxy. | |
Allowed values | "y", "n" |
Parameters for certificate generation:
COUNTRY | Certificate country. |
STATE | Certificate state. |
LOCALITY | Certificate locality. |
ORG_NAME | Organization name. |
ORG_UNIT | Organization unit name. |
COMMON_NAME | Common Name. |
PASSWORD | Certificate password. |
Parameters for basic auth:
USER | API user. |
PASS | API password. |
Note
To automate deployments in Windows you can use the parameters of its :ref:`installer <wazuh_agent_windows>`.