Merge 4.7.2 into 4.8.0 #2715
Merged
Merge 4.7.2 into 4.8.0 #2715
Wazuh CI / All In One - Ubuntu focal installation
succeeded
Dec 21, 2023 in 7m 53s
Test_unattended
Below you have the stage output
Details
Ubuntu focal log
--------------------------------
21/12/2023 13:19:42 DEBUG: Checking root permissions.
21/12/2023 13:19:42 INFO: Starting Wazuh installation assistant. Wazuh version: 4.8.0
21/12/2023 13:19:42 INFO: Verbose logging redirected to /var/log/wazuh-install.log
21/12/2023 13:19:42 DEBUG: APT package manager will be used.
21/12/2023 13:19:42 DEBUG: Checking system distribution.
21/12/2023 13:19:42 DEBUG: Detected distribution name: ubuntu
21/12/2023 13:19:42 DEBUG: Detected distribution version: 20
21/12/2023 13:19:42 DEBUG: Checking Wazuh installation.
21/12/2023 13:19:44 DEBUG: Installing check dependencies.
Hit:1 http://us-east-1.ec2.archive.ubuntu.com/ubuntu focal InRelease
Hit:2 http://us-east-1.ec2.archive.ubuntu.com/ubuntu focal-updates InRelease
Hit:3 http://us-east-1.ec2.archive.ubuntu.com/ubuntu focal-backports InRelease
Hit:4 https://download.docker.com/linux/ubuntu focal InRelease
Hit:5 http://security.ubuntu.com/ubuntu focal-security InRelease
Hit:6 http://ppa.launchpad.net/deadsnakes/ppa/ubuntu focal InRelease
Reading package lists...
21/12/2023 13:19:50 DEBUG: Checking system architecture.
21/12/2023 13:19:50 INFO: Verifying that your system meets the recommended minimum hardware requirements.
21/12/2023 13:19:50 DEBUG: CPU cores detected: 2
21/12/2023 13:19:50 DEBUG: Free RAM memory detected: 7871
21/12/2023 13:19:50 INFO: Wazuh web interface port will be 443.
21/12/2023 13:19:50 DEBUG: Checking ports availability.
21/12/2023 13:19:52 DEBUG: Installing prerequisites dependencies.
Hit:1 http://us-east-1.ec2.archive.ubuntu.com/ubuntu focal InRelease
Hit:2 http://us-east-1.ec2.archive.ubuntu.com/ubuntu focal-updates InRelease
Hit:3 http://us-east-1.ec2.archive.ubuntu.com/ubuntu focal-backports InRelease
Hit:4 https://download.docker.com/linux/ubuntu focal InRelease
Hit:5 http://security.ubuntu.com/ubuntu focal-security InRelease
Hit:6 http://ppa.launchpad.net/deadsnakes/ppa/ubuntu focal InRelease
Reading package lists...
21/12/2023 13:19:56 DEBUG: Checking curl tool version.
21/12/2023 13:19:56 DEBUG: Adding the Wazuh repository.
gpg: keyring '/usr/share/keyrings/wazuh.gpg' created
gpg: directory '/root/.gnupg' created
gpg: /root/.gnupg/trustdb.gpg: trustdb created
gpg: key 96B3EE5F29111145: public key "Wazuh.com (Wazuh Signing Key) <support@wazuh.com>" imported
gpg: Total number processed: 1
gpg: imported: 1
deb [signed-by=/usr/share/keyrings/wazuh.gpg] https://packages-dev.wazuh.com/staging/apt/ unstable main
Hit:1 http://us-east-1.ec2.archive.ubuntu.com/ubuntu focal InRelease
Hit:2 http://us-east-1.ec2.archive.ubuntu.com/ubuntu focal-updates InRelease
Hit:3 http://us-east-1.ec2.archive.ubuntu.com/ubuntu focal-backports InRelease
Hit:4 https://download.docker.com/linux/ubuntu focal InRelease
Hit:5 http://security.ubuntu.com/ubuntu focal-security InRelease
Hit:6 http://ppa.launchpad.net/deadsnakes/ppa/ubuntu focal InRelease
Get:7 https://packages-dev.wazuh.com/staging/apt unstable InRelease [17.3 kB]
Get:8 https://packages-dev.wazuh.com/staging/apt unstable/main amd64 Packages [32.5 kB]
Fetched 49.8 kB in 1s (53.7 kB/s)
Reading package lists...
21/12/2023 13:19:58 INFO: Wazuh development repository added.
21/12/2023 13:19:58 INFO: --- Configuration files ---
21/12/2023 13:19:58 INFO: Generating configuration files.
21/12/2023 13:19:58 DEBUG: Creating Wazuh certificates.
21/12/2023 13:19:58 DEBUG: Reading configuration file.
21/12/2023 13:19:59 DEBUG: Creating the root certificate.
Generating a RSA private key
........................................+++++
.+++++
writing new private key to '/tmp/wazuh-certificates//root-ca.key'
-----
21/12/2023 13:19:59 DEBUG: Generating Admin certificates.
Generating RSA private key, 2048 bit long modulus (2 primes)
........................+++++
..+++++
e is 65537 (0x010001)
Signature ok
subject=C = US, L = California, O = Wazuh, OU = Wazuh, CN = admin
Getting CA Private Key
21/12/2023 13:19:59 DEBUG: Generating Wazuh indexer certificates.
21/12/2023 13:19:59 DEBUG: Creating the Wazuh indexer certificates.
21/12/2023 13:19:59 DEBUG: Generating certificate configuration.
Generating a RSA private key
...........+++++
.................................................+++++
writing new private key to '/tmp/wazuh-certificates//wazuh-indexer-key.pem'
-----
Signature ok
subject=C = US, L = California, O = Wazuh, OU = Wazuh, CN = wazuh-indexer
Getting CA Private Key
21/12/2023 13:19:59 DEBUG: Generating Filebeat certificates.
21/12/2023 13:19:59 DEBUG: Creating the Wazuh server certificates.
21/12/2023 13:19:59 DEBUG: Generating certificate configuration.
Generating a RSA private key
.............................+++++
..........................................+++++
writing new private key to '/tmp/wazuh-certificates//wazuh-server-key.pem'
-----
Signature ok
subject=C = US, L = California, O = Wazuh, OU = Wazuh, CN = wazuh-server
Getting CA Private Key
21/12/2023 13:19:59 DEBUG: Generating Wazuh dashboard certificates.
21/12/2023 13:19:59 DEBUG: Creating the Wazuh dashboard certificates.
21/12/2023 13:19:59 DEBUG: Generating certificate configuration.
Generating a RSA private key
..................................................................................+++++
............................+++++
writing new private key to '/tmp/wazuh-certificates//wazuh-dashboard-key.pem'
-----
Signature ok
subject=C = US, L = California, O = Wazuh, OU = Wazuh, CN = wazuh-dashboard
Getting CA Private Key
21/12/2023 13:19:59 DEBUG: Cleaning certificate files.
21/12/2023 13:19:59 DEBUG: Generating password file.
21/12/2023 13:19:59 DEBUG: Generating random passwords.
21/12/2023 13:20:00 INFO: Created wazuh-install-files.tar. It contains the Wazuh cluster key, certificates, and passwords necessary for installation.
21/12/2023 13:20:00 DEBUG: Extracting Wazuh configuration.
21/12/2023 13:20:00 DEBUG: Reading configuration file.
21/12/2023 13:20:00 INFO: --- Wazuh indexer ---
21/12/2023 13:20:00 INFO: Starting Wazuh indexer installation.
Reading package lists... Building dependency tree... Reading state information... The following packages were automatically installed and are no longer required: libfwupdplugin1 linux-aws-5.8-headers-
5.8.0-1038 linux-headers-5.8.0-1038-aws linux-image-5.8.0-1038-aws linux-modules-5.8.0-1038-aws Use 'sudo apt autoremove' to remove them. The following NEW packages will be installed: wazuh-indexer 0
upgraded, 1 newly installed, 0 to remove and 256 not upgraded. Need to get 752 MB of archives. After this operation, 1,050 MB of additional disk space will be used. Get:1 https://packages-dev.wazuh.co
m/staging/apt unstable/main amd64 wazuh-indexer amd64 4.8.0-wj5952 [752 MB] Fetched 752 MB in 44s (17.0 MB/s) Selecting previously unselected package wazuh-indexer.
(Reading database ...
(Reading database ... 5%
(Reading database ... 10%
(Reading database ... 15%
(Reading database ... 20%
(Reading database ... 25%
(Reading database ... 30%
(Reading database ... 35%
(Reading database ... 40%
(Reading database ... 45%
(Reading database ... 50%
(Reading database ... 55%
(Reading database ... 60%
(Reading database ... 65%
(Reading database ... 70%
(Reading database ... 75%
(Reading database ... 80%
(Reading database ... 85%
(Reading database ... 90%
(Reading database ... 95%
(Reading database ... 100%
(Reading database ... 176417 files and directories currently installed.)
Preparing to unpack .../wazuh-indexer_4.8.0-wj5952_amd64.deb ...
Creating wazuh-indexer group... OK
Creating wazuh-indexer user... OK
Unpacking wazuh-indexer (4.8.0-wj5952) ...
Setting up wazuh-indexer (4.8.0-wj5952) ...
Created opensearch keystore in /etc/wazuh-indexer/opensearch.keystore
Processing triggers for systemd (245.4-4ubuntu3.17) ...
Processing triggers for libc-bin (2.31-0ubuntu9.9) ...
21/12/2023 13:22:42 DEBUG: Checking Wazuh installation.
21/12/2023 13:22:42 DEBUG: There are Wazuh indexer remaining files.
21/12/2023 13:22:43 INFO: Wazuh indexer installation finished.
21/12/2023 13:22:43 DEBUG: Configuring Wazuh indexer.
21/12/2023 13:22:43 DEBUG: Copying Wazuh indexer certificates.
21/12/2023 13:22:50 INFO: Wazuh indexer post-install configuration finished.
21/12/2023 13:22:50 INFO: Starting service wazuh-indexer.
Created symlink /etc/systemd/system/multi-user.target.wants/wazuh-indexer.service ��� /lib/systemd/system/wazuh-indexer.service.
21/12/2023 13:23:12 INFO: wazuh-indexer service started.
21/12/2023 13:23:12 INFO: Initializing Wazuh indexer cluster security settings.
**************************************************************************
** This tool will be deprecated in the next major release of OpenSearch **
** https://github.com/opensearch-project/security/issues/1755 **
**************************************************************************
Security Admin v7
Will connect to 127.0.0.1:9200 ... done
Connected as "CN=admin,OU=Wazuh,O=Wazuh,L=California,C=US"
OpenSearch Version: 2.10.0
Contacting opensearch cluster 'opensearch' and wait for YELLOW clusterstate ...
Clustername: wazuh-cluster
Clusterstate: GREEN
Number of nodes: 1
Number of data nodes: 1
.opendistro_security index does not exists, attempt to create it ... done (0-all replicas)
Populate config from /etc/wazuh-indexer/opensearch-security/
Will update '/config' with /etc/wazuh-indexer/opensearch-security/config.yml
SUCC: Configuration for 'config' created or updated
Will update '/roles' with /etc/wazuh-indexer/opensearch-security/roles.yml
SUCC: Configuration for 'roles' created or updated
Will update '/rolesmapping' with /etc/wazuh-indexer/opensearch-security/roles_mapping.yml
SUCC: Configuration for 'rolesmapping' created or updated
Will update '/internalusers' with /etc/wazuh-indexer/opensearch-security/internal_users.yml
SUCC: Configuration for 'internalusers' created or updated
Will update '/actiongroups' with /etc/wazuh-indexer/opensearch-security/action_groups.yml
SUCC: Configuration for 'actiongroups' created or updated
Will update '/tenants' with /etc/wazuh-indexer/opensearch-security/tenants.yml
SUCC: Configuration for 'tenants' created or updated
Will update '/nodesdn' with /etc/wazuh-indexer/opensearch-security/nodes_dn.yml
SUCC: Configuration for 'nodesdn' created or updated
Will update '/whitelist' with /etc/wazuh-indexer/opensearch-security/whitelist.yml
SUCC: Configuration for 'whitelist' created or updated
Will update '/audit' with /etc/wazuh-indexer/opensearch-security/audit.yml
SUCC: Configuration for 'audit' created or updated
Will update '/allowlist' with /etc/wazuh-indexer/opensearch-security/allowlist.yml
SUCC: Configuration for 'allowlist' created or updated
SUCC: Expected 10 config types for node {"updated_config_types":["allowlist","tenants","rolesmapping","nodesdn","audit","roles","whitelist","internalusers","actiongroups","config"],"updated_config_siz
e":10,"message":null} is 10 (["allowlist","tenants","rolesmapping","nodesdn","audit","roles","whitelist","internalusers","actiongroups","config"]) due to: null
Done with success
wazuh-alerts template uploaded
wazuh-archives template uploaded
rollover_policy policy uploaded
wazuh-alerts write index created
wazuh-archives write index created
Indexer ISM initialization finished successfully
21/12/2023 13:23:25 INFO: The Wazuh indexer cluster ISM initialized.
21/12/2023 13:23:25 INFO: Wazuh indexer cluster initialized.
21/12/2023 13:23:25 INFO: --- Wazuh server ---
21/12/2023 13:23:25 INFO: Starting the Wazuh manager installation.
Reading package lists... Building dependency tree... Reading state information... The following packages were automatically installed and are no longer required: libfwupdplugin1 linux-aws-5.8-headers-
5.8.0-1038 linux-headers-5.8.0-1038-aws linux-image-5.8.0-1038-aws linux-modules-5.8.0-1038-aws Use 'sudo apt autoremove' to remove them. Suggested packages: expect The following NEW packages will be
installed: wazuh-manager 0 upgraded, 1 newly installed, 0 to remove and 257 not upgraded. Need to get 117 MB of archives. After this operation, 701 MB of additional disk space will be used. Get:1 http
s://packages-dev.wazuh.com/staging/apt unstable/main amd64 wazuh-manager amd64 4.8.0-wj5952 [117 MB] Fetched 117 MB in 2s (52.3 MB/s) Selecting previously unselected package wazuh-manager.
(Reading database ...
(Reading database ... 5%
(Reading database ... 10%
(Reading database ... 15%
(Reading database ... 20%
(Reading database ... 25%
(Reading database ... 30%
(Reading database ... 35%
(Reading database ... 40%
(Reading database ... 45%
(Reading database ... 50%
(Reading database ... 55%
(Reading database ... 60%
(Reading database ... 65%
(Reading database ... 70%
(Reading database ... 75%
(Reading database ... 80%
(Reading database ... 85%
(Reading database ... 90%
(Reading database ... 95%
(Reading database ... 100%
(Reading database ... 177591 files and directories currently installed.)
Preparing to unpack .../wazuh-manager_4.8.0-wj5952_amd64.deb ...
Unpacking wazuh-manager (4.8.0-wj5952) ...
Setting up wazuh-manager (4.8.0-wj5952) ...
Processing triggers for systemd (245.4-4ubuntu3.17) ...
21/12/2023 13:24:26 DEBUG: Checking Wazuh installation.
21/12/2023 13:24:26 DEBUG: There are Wazuh remaining files.
21/12/2023 13:24:26 DEBUG: There are Wazuh indexer remaining files.
21/12/2023 13:24:27 INFO: Wazuh manager installation finished.
21/12/2023 13:24:27 INFO: Starting service wazuh-manager.
Created symlink /etc/systemd/system/multi-user.target.wants/wazuh-manager.service ��� /lib/systemd/system/wazuh-manager.service.
21/12/2023 13:24:48 INFO: wazuh-manager service started.
21/12/2023 13:24:48 INFO: Starting Filebeat installation.
Reading package lists... Building dependency tree... Reading state information... The following packages were automatically installed and are no longer required: libfwupdplugin1 linux-aws-5.8-headers-
5.8.0-1038 linux-headers-5.8.0-1038-aws linux-image-5.8.0-1038-aws linux-modules-5.8.0-1038-aws Use 'sudo apt autoremove' to remove them. The following NEW packages will be installed: filebeat 0 upgra
ded, 1 newly installed, 0 to remove and 257 not upgraded. Need to get 22.1 MB of archives. After this operation, 73.6 MB of additional disk space will be used. Get:1 https://packages-dev.wazuh.com/sta
ging/apt unstable/main amd64 filebeat amd64 7.10.2 [22.1 MB] Fetched 22.1 MB in 1s (33.0 MB/s) Selecting previously unselected package filebeat.
(Reading database ...
(Reading database ... 5%
(Reading database ... 10%
(Reading database ... 15%
(Reading database ... 20%
(Reading database ... 25%
(Reading database ... 30%
(Reading database ... 35%
(Reading database ... 40%
(Reading database ... 45%
(Reading database ... 50%
(Reading database ... 55%
(Reading database ... 60%
(Reading database ... 65%
(Reading database ... 70%
(Reading database ... 75%
(Reading database ... 80%
(Reading database ... 85%
(Reading database ... 90%
(Reading database ... 95%
(Reading database ... 100%
(Reading database ... 199585 files and directories currently installed.)
Preparing to unpack .../filebeat_7.10.2_amd64.deb ...
Unpacking filebeat (7.10.2) ...
Setting up filebeat (7.10.2) ...
Processing triggers for systemd (245.4-4ubuntu3.17) ...
21/12/2023 13:24:58 DEBUG: Checking Wazuh installation.
21/12/2023 13:24:58 DEBUG: There are Wazuh remaining files.
21/12/2023 13:24:58 DEBUG: There are Wazuh indexer remaining files.
21/12/2023 13:24:59 DEBUG: There are Filebeat remaining files.
21/12/2023 13:24:59 INFO: Filebeat installation finished.
21/12/2023 13:24:59 DEBUG: Configuring Filebeat.
21/12/2023 13:24:59 DEBUG: Filebeat template was download successfully.
wazuh/
wazuh/archives/
wazuh/archives/ingest/
wazuh/archives/ingest/pipeline.json
wazuh/archives/config/
wazuh/archives/config/archives.yml
wazuh/archives/manifest.yml
wazuh/_meta/
wazuh/_meta/config.yml
wazuh/_meta/docs.asciidoc
wazuh/_meta/fields.yml
wazuh/alerts/
wazuh/alerts/ingest/
wazuh/alerts/ingest/pipeline.json
wazuh/alerts/config/
wazuh/alerts/config/alerts.yml
wazuh/alerts/manifest.yml
wazuh/module.yml
21/12/2023 13:25:00 DEBUG: Filebeat module was downloaded successfully.
21/12/2023 13:25:00 DEBUG: Copying Filebeat certificates.
Created filebeat keystore
Successfully updated the keystore
Successfully updated the keystore
21/12/2023 13:25:00 INFO: Filebeat post-install configuration finished.
21/12/2023 13:25:00 INFO: Starting service filebeat.
Synchronizing state of filebeat.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install enable filebeat
Created symlink /etc/systemd/system/multi-user.target.wants/filebeat.service ��� /lib/systemd/system/filebeat.service.
21/12/2023 13:25:01 INFO: filebeat service started.
21/12/2023 13:25:01 INFO: --- Wazuh dashboard ---
21/12/2023 13:25:01 INFO: Starting Wazuh dashboard installation.
Reading package lists... Building dependency tree... Reading state information... The following packages were automatically installed and are no longer required: libfwupdplugin1 linux-aws-5.8-headers-
5.8.0-1038 linux-headers-5.8.0-1038-aws linux-image-5.8.0-1038-aws linux-modules-5.8.0-1038-aws Use 'sudo apt autoremove' to remove them. The following NEW packages will be installed: wazuh-dashboard
0 upgraded, 1 newly installed, 0 to remove and 257 not upgraded. Need to get 186 MB of archives. After this operation, 987 MB of additional disk space will be used. Get:1 https://packages-dev.wazuh.co
m/staging/apt unstable/main amd64 wazuh-dashboard amd64 4.8.0-wj5952 [186 MB] Fetched 186 MB in 5s (35.0 MB/s) Selecting previously unselected package wazuh-dashboard.
(Reading database ...
(Reading database ... 5%
(Reading database ... 10%
(Reading database ... 15%
(Reading database ... 20%
(Reading database ... 25%
(Reading database ... 30%
(Reading database ... 35%
(Reading database ... 40%
(Reading database ... 45%
(Reading database ... 50%
(Reading database ... 55%
(Reading database ... 60%
(Reading database ... 65%
(Reading database ... 70%
(Reading database ... 75%
(Reading database ... 80%
(Reading database ... 85%
(Reading database ... 90%
(Reading database ... 95%
(Reading database ... 100%
(Reading database ... 199904 files and directories currently installed.)
Preparing to unpack .../wazuh-dashboard_4.8.0-wj5952_amd64.deb ...
Creating wazuh-dashboard group... OK
Creating wazuh-dashboard user... OK
Unpacking wazuh-dashboard (4.8.0-wj5952) ...
Setting up wazuh-dashboard (4.8.0-wj5952) ...
21/12/2023 13:25:59 DEBUG: Checking Wazuh installation.
21/12/2023 13:26:00 DEBUG: There are Wazuh remaining files.
21/12/2023 13:26:00 DEBUG: There are Wazuh indexer remaining files.
21/12/2023 13:26:01 DEBUG: There are Filebeat remaining files.
21/12/2023 13:26:02 DEBUG: There are Wazuh dashboard remaining files.
21/12/2023 13:26:02 INFO: Wazuh dashboard installation finished.
21/12/2023 13:26:02 DEBUG: Configuring Wazuh dashboard.
21/12/2023 13:26:02 DEBUG: Copying Wazuh dashboard certificates.
21/12/2023 13:26:02 DEBUG: Wazuh dashboard certificate setup finished.
21/12/2023 13:26:02 INFO: Wazuh dashboard post-install configuration finished.
21/12/2023 13:26:02 INFO: Starting service wazuh-dashboard.
Created symlink /etc/systemd/system/multi-user.target.wants/wazuh-dashboard.service ��� /etc/systemd/system/wazuh-dashboard.service.
21/12/2023 13:26:02 INFO: wazuh-dashboard service started.
21/12/2023 13:26:02 DEBUG: Setting Wazuh indexer cluster passwords.
21/12/2023 13:26:02 DEBUG: Checking Wazuh installation.
21/12/2023 13:26:03 DEBUG: There are Wazuh remaining files.
21/12/2023 13:26:03 DEBUG: There are Wazuh indexer remaining files.
21/12/2023 13:26:04 DEBUG: There are Filebeat remaining files.
21/12/2023 13:26:05 DEBUG: There are Wazuh dashboard remaining files.
21/12/2023 13:26:05 INFO: Updating the internal users.
21/12/2023 13:26:05 DEBUG: Creating password backup.
**************************************************************************
** This tool will be deprecated in the next major release of OpenSearch **
** https://github.com/opensearch-project/security/issues/1755 **
**************************************************************************
Security Admin v7
Will connect to localhost:9200 ... done
Connected as "CN=admin,OU=Wazuh,O=Wazuh,L=California,C=US"
OpenSearch Version: 2.10.0
Contacting opensearch cluster 'opensearch' and wait for YELLOW clusterstate ...
Clustername: wazuh-cluster
Clusterstate: YELLOW
Number of nodes: 1
Number of data nodes: 1
.opendistro_security index already exists, so we do not need to create one.
Will retrieve '/config' into /etc/wazuh-indexer/backup/config.yml
SUCC: Configuration for 'config' stored in /etc/wazuh-indexer/backup/config.yml
Will retrieve '/roles' into /etc/wazuh-indexer/backup/roles.yml
SUCC: Configuration for 'roles' stored in /etc/wazuh-indexer/backup/roles.yml
Will retrieve '/rolesmapping' into /etc/wazuh-indexer/backup/roles_mapping.yml
SUCC: Configuration for 'rolesmapping' stored in /etc/wazuh-indexer/backup/roles_mapping.yml
Will retrieve '/internalusers' into /etc/wazuh-indexer/backup/internal_users.yml
SUCC: Configuration for 'internalusers' stored in /etc/wazuh-indexer/backup/internal_users.yml
Will retrieve '/actiongroups' into /etc/wazuh-indexer/backup/action_groups.yml
SUCC: Configuration for 'actiongroups' stored in /etc/wazuh-indexer/backup/action_groups.yml
Will retrieve '/tenants' into /etc/wazuh-indexer/backup/tenants.yml
SUCC: Configuration for 'tenants' stored in /etc/wazuh-indexer/backup/tenants.yml
Will retrieve '/nodesdn' into /etc/wazuh-indexer/backup/nodes_dn.yml
SUCC: Configuration for 'nodesdn' stored in /etc/wazuh-indexer/backup/nodes_dn.yml
Will retrieve '/whitelist' into /etc/wazuh-indexer/backup/whitelist.yml
SUCC: Configuration for 'whitelist' stored in /etc/wazuh-indexer/backup/whitelist.yml
Will retrieve '/allowlist' into /etc/wazuh-indexer/backup/allowlist.yml
SUCC: Configuration for 'allowlist' stored in /etc/wazuh-indexer/backup/allowlist.yml
Will retrieve '/audit' into /etc/wazuh-indexer/backup/audit.yml
SUCC: Configuration for 'audit' stored in /etc/wazuh-indexer/backup/audit.yml
21/12/2023 13:26:13 DEBUG: Password backup created in /etc/wazuh-indexer/backup.
21/12/2023 13:26:13 INFO: A backup of the internal users has been saved in the /etc/wazuh-indexer/internalusers-backup folder.
21/12/2023 13:26:13 DEBUG: The internal users have been updated before changing the passwords.
21/12/2023 13:26:15 DEBUG: Generating password hashes.
21/12/2023 13:26:24 DEBUG: Password hashes generated.
21/12/2023 13:26:24 DEBUG: Creating password backup.
**************************************************************************
** This tool will be deprecated in the next major release of OpenSearch **
** https://github.com/opensearch-project/security/issues/1755 **
**************************************************************************
Security Admin v7
Will connect to localhost:9200 ... done
Connected as "CN=admin,OU=Wazuh,O=Wazuh,L=California,C=US"
OpenSearch Version: 2.10.0
Contacting opensearch cluster 'opensearch' and wait for YELLOW clusterstate ...
Clustername: wazuh-cluster
Clusterstate: YELLOW
Number of nodes: 1
Number of data nodes: 1
.opendistro_security index already exists, so we do not need to create one.
Will retrieve '/config' into /etc/wazuh-indexer/backup/config.yml
SUCC: Configuration for 'config' stored in /etc/wazuh-indexer/backup/config.yml
Will retrieve '/roles' into /etc/wazuh-indexer/backup/roles.yml
SUCC: Configuration for 'roles' stored in /etc/wazuh-indexer/backup/roles.yml
Will retrieve '/rolesmapping' into /etc/wazuh-indexer/backup/roles_mapping.yml
SUCC: Configuration for 'rolesmapping' stored in /etc/wazuh-indexer/backup/roles_mapping.yml
Will retrieve '/internalusers' into /etc/wazuh-indexer/backup/internal_users.yml
SUCC: Configuration for 'internalusers' stored in /etc/wazuh-indexer/backup/internal_users.yml
Will retrieve '/actiongroups' into /etc/wazuh-indexer/backup/action_groups.yml
SUCC: Configuration for 'actiongroups' stored in /etc/wazuh-indexer/backup/action_groups.yml
Will retrieve '/tenants' into /etc/wazuh-indexer/backup/tenants.yml
SUCC: Configuration for 'tenants' stored in /etc/wazuh-indexer/backup/tenants.yml
Will retrieve '/nodesdn' into /etc/wazuh-indexer/backup/nodes_dn.yml
SUCC: Configuration for 'nodesdn' stored in /etc/wazuh-indexer/backup/nodes_dn.yml
Will retrieve '/whitelist' into /etc/wazuh-indexer/backup/whitelist.yml
SUCC: Configuration for 'whitelist' stored in /etc/wazuh-indexer/backup/whitelist.yml
Will retrieve '/allowlist' into /etc/wazuh-indexer/backup/allowlist.yml
SUCC: Configuration for 'allowlist' stored in /etc/wazuh-indexer/backup/allowlist.yml
Will retrieve '/audit' into /etc/wazuh-indexer/backup/audit.yml
SUCC: Configuration for 'audit' stored in /etc/wazuh-indexer/backup/audit.yml
21/12/2023 13:26:30 DEBUG: Password backup created in /etc/wazuh-indexer/backup.
Successfully updated the keystore
21/12/2023 13:26:30 DEBUG: Restarting filebeat service...
21/12/2023 13:26:31 DEBUG: filebeat started.
21/12/2023 13:26:32 DEBUG: Restarting wazuh-dashboard service...
21/12/2023 13:26:33 DEBUG: wazuh-dashboard started.
21/12/2023 13:26:33 DEBUG: Running security admin tool.
21/12/2023 13:26:33 DEBUG: Loading new passwords changes.
**************************************************************************
** This tool will be deprecated in the next major release of OpenSearch **
** https://github.com/opensearch-project/security/issues/1755 **
**************************************************************************
Security Admin v7
Will connect to localhost:9200 ... done
Connected as "CN=admin,OU=Wazuh,O=Wazuh,L=California,C=US"
OpenSearch Version: 2.10.0
Contacting opensearch cluster 'opensearch' and wait for YELLOW clusterstate ...
Clustername: wazuh-cluster
Clusterstate: YELLOW
Number of nodes: 1
Number of data nodes: 1
.opendistro_security index already exists, so we do not need to create one.
Populate config from /tmp/unattended/unattended_installer
Force type: internalusers
Will update '/internalusers' with /etc/wazuh-indexer/backup/internal_users.yml
SUCC: Configuration for 'internalusers' created or updated
SUCC: Expected 1 config types for node {"updated_config_types":["internalusers"],"updated_config_size":1,"message":null} is 1 (["internalusers"]) due to: null
Done with success
21/12/2023 13:26:38 DEBUG: Passwords changed.
21/12/2023 13:26:38 DEBUG: Changing API passwords.
21/12/2023 13:26:46 INFO: Initializing Wazuh dashboard web application.
21/12/2023 13:26:47 INFO: Wazuh dashboard web application initialized.
21/12/2023 13:26:47 INFO: --- Summary ---
21/12/2023 13:26:47 INFO: You can access the web interface https://<wazuh-dashboard-ip>:443
User: admin
Password: yQ?5K*2EAiuca*cmLjsW?23BIG4b3XL?
21/12/2023 13:26:47 DEBUG: Restoring Wazuh repository.
21/12/2023 13:26:47 INFO: Installation finished.
Loading