Use multiple protocols in windows deployment variables #3400

DFolchA · 2022-10-03T08:30:56Z

Target version	Related issue	Related PR
4.4.0	wazuh/wazuh#14532	wazuh/wazuh#15038

Description

In this issue, we have added a feature that allows the users to add multiple protocol types when using the deployment variables. This needs manual testing to validate it.

Proposed checks

Tests all deployment variables at the same time with multiple addresses.
Tests all deployment variables at the same time with multiple protocols and multiple addresses.
Test each deployment variable individually.
Test deployment variables using 1 address and multiple protocols, only the first protocol should be used.
Test deployment variables using multiple addresses and 1 protocol, the protocols that have not been set in the variables should be set to TCP.
Test deployment variables using 1 address and 1 protocol.

This tests must be performed on Linux, Windows and macOS systems.

Steps to reproduce

Expected results

After the installation, the configuration in ossec.conf should be the correct one for the deployment variables used.

Configuration and considerations

The text was updated successfully, but these errors were encountered:

Rebits · 2022-10-06T13:39:53Z

Tester review

Tester	PR commit
@Rebits	d677dd2

Testing environment

OS	OS version	Deployment	Image/AMI
Ubuntu	22	EC2	`ami-003530de8839921c4`
Amazon Linux	2	EC2	`ami-06cfe42abdba039eb`
macOS	Sierra	Vagrant
Windows Server	2022	Vagrant	`ami-047e29beecff33db0`

OS	Package
Ubuntu	Manager, Agent
Amazon Linux	Agent
macOS	Agent
Windows Server	Agent

Conclusion 🔴

Installation using deployment variable WAZUH_MANAGER reorderer specified managers for Linux and macOS agents. This behavior also produces a mismatch of protocols and managers, changing specified protocols by the default TCP 🔴
Installation using deployment variable WAZUH_PROTOCOL in Windows agent duplicate the protocol configuration block. This could result in a final configuration in which the specified protocol is not used. Not present in 4.3.8 🔴
Installation using deployment variable WAZUH_MANAGER with multiple values in Windows agent fails. Not present in 4.3.8 🔴
Warning during Ubuntu agent installation N: Download is performed unsandboxed as root as file '/home/ubuntu/wazuh-agent_4.4.0-0.commitd677dd2_amd64.deb' couldn't be accessed by user '_apt'. - pkgAcquire::Run (13: Permission denied). Not present in 4.3.8 🔴. Reported Debian package installation from /root directory show pkgAcquire::Run (13: Permission denied) message wazuh-packages#1709
Windows Server 2022 default configuration does not include any config-profile 🟡 . Detailed in Create profiles for Windows Server 2022 and Windows 11 wazuh#15150
Default manager IP mismatch for Linux and macOS agents (MANAGER_IP) from Windows (0.0.0.0). Present in 4.3.8 🟡. Detailed in Standarize default manager for all OS wazuh#15154
Warning during Ubuntu agent uninstall: dpkg: warning: while removing wazuh-agent, directory '/usr/lib/systemd/system' not empty so not removed. Present in 4.3.8 🟡. Detailed in Unexpected warning during Ubuntu agent uninstallation wazuh-packages#1879

Status

Rebits · 2022-10-07T09:39:19Z

Testing results 🔴

List of Deployment variables for each OS

Deployment variables for Linux

WAZUH_MANAGER

WAZUH_MANAGER_PORT

WAZUH_PROTOCOL

WAZUH_REGISTRATION_SERVER

WAZUH_REGISTRATION_PORT

WAZUH_REGISTRATION_PASSWORD

WAZUH_KEEP_ALIVE_INTERVAL

WAZUH_TIME_RECONNECT

WAZUH_REGISTRATION_CA

WAZUH_REGISTRATION_CERTIFICATE

WAZUH_REGISTRATION_KEY

WAZUH_AGENT_NAME

WAZUH_AGENT_GROUP

ENROLLMENT_DELAY

Deployment variables for Windows

WAZUH_MANAGER

WAZUH_MANAGER_PORT

WAZUH_PROTOCOL

WAZUH_REGISTRATION_SERVER

WAZUH_REGISTRATION_PORT

WAZUH_REGISTRATION_PASSWORD

WAZUH_KEEP_ALIVE_INTERVAL

WAZUH_TIME_RECONNECT

WAZUH_REGISTRATION_CA

WAZUH_REGISTRATION_CERTIFICATE

WAZUH_REGISTRATION_KEY

WAZUH_AGENT_NAME

WAZUH_AGENT_GROUP

ENROLLMENT_DELAY

/l installer.log

/l*v installer.log

Deployment variables for macOS

WAZUH_MANAGER

WAZUH_MANAGER_PORT

WAZUH_PROTOCOL

WAZUH_REGISTRATION_SERVER

WAZUH_REGISTRATION_PORT

WAZUH_REGISTRATION_PASSWORD

WAZUH_KEEP_ALIVE_INTERVAL

WAZUH_TIME_RECONNECT

WAZUH_REGISTRATION_CA

WAZUH_REGISTRATION_CERTIFICATE

WAZUH_REGISTRATION_KEY

WAZUH_AGENT_NAME

WAZUH_AGENT_GROUP

ENROLLMENT_DELAY

Multiple addresses and protocols 🔴

Some issues were detected for all OS:

Linux and macOS

Protocols and managers mismatch due to manager reordering. Managers 3.3.3.3, 2.2.2.2. 1.1.1.1 should use UDP, UDP, TCP respectively.

Managers are reordered in alphabetical order. This is not expected.

The agent should use as registration address the first manager address specified 3.3.3.3

Windows

Multiple protocol configuration blocks, resulting in the use of a not specified protocol. (Not present in 4.3.8)
AmazonLinux 🔴

Command: WAZUH_MANAGER=3.3.3.3,2.2.2.2,1.1.1.1 WAZUH_PROTOCOL=UDP,UDP,TCP yum install wazuh-agent
Configuration:
<ossec_config>
  <client>
    <server>
      <address>1.1.1.1</address>
      <port>1514</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>2.2.2.2</address>
      <port>1514</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>3.3.3.3</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>amzn, amzn2</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>1.1.1.1</manager_address>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>
Ubuntu 🔴

Command: WAZUH_MANAGER=3.3.3.3,2.2.2.2,1.1.1.1 WAZUH_PROTOCOL=UDP,UDP,TCP apt-get install wazuh-agent
Configuration:
<ossec_config>
  <client>
    <server>
      <address>1.1.1.1</address>
      <port>1514</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>2.2.2.2</address>
      <port>1514</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>3.3.3.3</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>ubuntu, ubuntu22, ubuntu22.04</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>1.1.1.1</manager_address>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>
Windows 🔴

Managers' addresses are ordered but the protocol is set two times. Not expected behavior. The final protocol used is not specified at installation time.
Also, no enrollment configuration is set.

Command: wazuh-agent.msi /q WAZUH_MANAGER=3.3.3.3,2.2.2.2,1.1.1.1 WAZUH_PROTOCOL=UDP,UDP,TCP
Configuration:
  <client>
    <server>
      <address>3.3.3.3</address>
      <port>1514</port>
      <protocol>udp</protocol>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>2.2.2.2</address>
      <port>1514</port>
      <protocol>udp</protocol>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>1.1.1.1</address>
      <port>1514</port>
      <protocol>tcp</protocol>
      <protocol>tcp</protocol>
    </server>

    <crypto_method>aes</crypto_method>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
  </client>
Notice that the default configuration for Windows Server 2022 does not include config-profile.
macOS 🔴

Command: launchctl setenv WAZUH_MANAGER "3.3.3.3,2.2.2.2,1.1.1.1" WAZUH_PROTOCOL "UDP,UDP,TCP" && installer -pkg wazuh-agent-4.4.0-0.commitd677dd2.pkg -target /
Configuration:
  <client>
    <server>
      <address>1.1.1.1</address>
      <port>1514</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>2.2.2.2</address>
      <port>1514</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>3.3.3.3</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>darwin, darwin21, darwin21.1</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>1.1.1.1</manager_address>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

All deployment variables at the same time with multiple addresses 🔴

Some issues were detected:

Windows

Windows installer fails. Error not present in 4.3.8
AmazonLinux 🟢

Command: WAZUH_MANAGER=1.1.1.1,wazuh-manager,3.3.3.3,testing-manager,dns-manager,MANAGER-4 WAZUH_MANAGER_PORT=7777 WAZUH_PROTOCOL=udp WAZUH_REGISTRATION_SERVER=2.2.2.2 WAZUH_REGISTRATION_PORT=8888 WAZUH_REGISTRATION_PASSWORD=password WAZUH_KEEP_ALIVE_INTERVAL=10 WAZUH_TIME_RECONNECT=10 WAZUH_REGISTRATION_CA=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_CERTIFICATE=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_KEY=/var/ossec/etc/testsslmanager.key WAZUH_AGENT_NAME=test-agent WAZUH_AGENT_GROUP=test-group ENROLLMENT_DELAY=10 yum install ./wazuh-agent-4.4.0-0.commitd677dd2.x86_64.rpm
Configuration:
  <client>
    <server>
      <address>1.1.1.1</address>
      <port>7777</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>3.3.3.3</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>dns-manager</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>MANAGER-4</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>testing-manager</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>wazuh-manager</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>amzn, amzn2</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>10</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>2.2.2.2</manager_address>
      <port>8888</port>
      <agent_name>test-agent</agent_name>
      <groups>test-group</groups>
      <server_ca_path>/var/ossec/etc/testsslmanager.cert</server_ca_path>
      <agent_certificate_path>/var/ossec/etc/testsslmanager.cert</agent_certificate_path>
      <agent_key_path>/var/ossec/etc/testsslmanager.key</agent_key_path>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
      <delay_after_enrollment>10</delay_after_enrollment>
    </enrollment>
  </client>
Ubuntu 🟢

Command: WAZUH_MANAGER=1.1.1.1,wazuh-manager,3.3.3.3,testing-manager,dns-manager,MANAGER-4 WAZUH_MANAGER_PORT=7777 WAZUH_PROTOCOL=udp WAZUH_REGISTRATION_SERVER=2.2.2.2 WAZUH_REGISTRATION_PORT=8888 WAZUH_REGISTRATION_PASSWORD=password WAZUH_KEEP_ALIVE_INTERVAL=10 WAZUH_TIME_RECONNECT=10 WAZUH_REGISTRATION_CA=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_CERTIFICATE=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_KEY=/var/ossec/etc/testsslmanager.key WAZUH_AGENT_NAME=test-agent WAZUH_AGENT_GROUP=test-group ENROLLMENT_DELAY=10 apt-get install ./wazuh-agent_4.4.0-0.commitd677dd2_amd64.deb
Command:
  <client>
    <server>
      <address>1.1.1.1</address>
      <port>7777</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>3.3.3.3</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>dns-manager</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>MANAGER-4</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>testing-manager</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>wazuh-manager</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>ubuntu, ubuntu22, ubuntu22.04</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>10</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>2.2.2.2</manager_address>
      <port>8888</port>
      <agent_name>test-agent</agent_name>
      <groups>test-group</groups>
      <server_ca_path>/var/ossec/etc/testsslmanager.cert</server_ca_path>
      <agent_certificate_path>/var/ossec/etc/testsslmanager.cert</agent_certificate_path>
      <agent_key_path>/var/ossec/etc/testsslmanager.key</agent_key_path>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
      <delay_after_enrollment>10</delay_after_enrollment>
    </enrollment>
  </client>
Windows 🔴 ⚠️

Error during agent installation

Command: .\wazuh-agent.msi /q WAZUH_MANAGER=1.1.1.1,wazuh-manager,3.3.3.3,testing-manager,dns-manager,MANAGER-4 WAZUH_MANAGER_PORT=7777 WAZUH_PROTOCOL=udp WAZUH_REGISTRATION_SERVER=2.2.2.2 WAZUH_REGISTRATION_PORT=8888 WAZUH_REGISTRATION_PASSWORD=password WAZUH_KEEP_ALIVE_INTERVAL=10 WAZUH_TIME_RECONNECT=10 WAZUH_REGISTRATION_CA=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_CERTIFICATE=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_KEY=/var/ossec/etc/testsslmanager.key WAZUH_AGENT_NAME=test-agent WAZUH_AGENT_GROUP=test-group ENROLLMENT_DELAY=10 /l*v installer.log
installer.log:
installer.zip
macOS 🟢

Command: setenv WAZUH_MANAGER "1.1.1.1,wazuh-manager,3.3.3.3,testing-manager,dns-manager,MANAGER-4" WAZUH_MANAGER_PORT "7777" WAZUH_PROTOCOL "udp" WAZUH_REGISTRATION_SERVER "2.2.2.2" WAZUH_REGISTRATION_PORT "8888" WAZUH_REGISTRATION_PASSWORD "password" WAZUH_KEEP_ALIVE_INTERVAL "10" WAZUH_TIME_RECONNECT "10" WAZUH_REGISTRATION_CA "/var/ossec/etc/testsslmanager.cert" WAZUH_REGISTRATION_CERTIFICATE "/var/ossec/etc/testsslmanager.cert" WAZUH_REGISTRATION_KEY "/var/ossec/etc/testsslmanager.key" WAZUH_AGENT_NAME "test-agent" WAZUH_AGENT_GROUP "test-group" ENROLLMENT_DELAY "10" && installer -pkg wazuh-agent-4.4.0-0.commitd677dd2.pkg -target /;

Configuration:
  <client>
    <server>
      <address>1.1.1.1</address>
      <port>7777</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>3.3.3.3</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>MANAGER-4</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>dns-manager</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>testing-manager</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>wazuh-manager</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>darwin, darwin21, darwin21.1</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>10</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>2.2.2.2</manager_address>
      <port>8888</port>
      <agent_name>test-agent</agent_name>
      <groups>test-group</groups>
      <server_ca_path>/var/ossec/etc/testsslmanager.cert</server_ca_path>
      <agent_certificate_path>/var/ossec/etc/testsslmanager.cert</agent_certificate_path>
      <agent_key_path>/var/ossec/etc/testsslmanager.key</agent_key_path>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
      <delay_after_enrollment>10</delay_after_enrollment>
    </enrollment>
  </client>

All deployment variables at the same time with multiple addresses and protocols 🔴

Linux and macOS

Protocols and managers mismatch due to manager reordering.

Managers are reordered in alphabetical order. This is not expected.

Windows

Multiple protocol configuration blocks, resulting in the use of a not specified protocol. (Not present in 4.3.8)
AmazonLinux 🔴

Command: WAZUH_MANAGER=1.1.1.1,wazuh-manager,3.3.3.3,testing-manager,dns-manager,MANAGER-4 WAZUH_MANAGER_PORT=7777 WAZUH_PROTOCOL=udp,tcp,udp,tcp,udp,tcp,udp,tcp WAZUH_REGISTRATION_SERVER=2.2.2.2 WAZUH_REGISTRATION_PORT=8888 WAZUH_REGISTRATION_PASSWORD=password WAZUH_KEEP_ALIVE_INTERVAL=10 WAZUH_TIME_RECONNECT=10 WAZUH_REGISTRATION_CA=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_CERTIFICATE=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_KEY=/var/ossec/etc/testsslmanager.key WAZUH_AGENT_NAME=test-agent WAZUH_AGENT_GROUP=test-group ENROLLMENT_DELAY=10 yum install ./wazuh-agent-4.4.0-0.commitd677dd2.x86_64.rpm
Configuration:
  <client>
    <server>
      <address>1.1.1.1</address>
      <port>7777</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>3.3.3.3</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>dns-manager</address>
      <port>7777</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>MANAGER-4</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>testing-manager</address>
      <port>7777</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>wazuh-manager</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>amzn, amzn2</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>10</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>2.2.2.2</manager_address>
      <port>8888</port>
      <agent_name>test-agent</agent_name>
      <groups>test-group</groups>
      <server_ca_path>/var/ossec/etc/testsslmanager.cert</server_ca_path>
      <agent_certificate_path>/var/ossec/etc/testsslmanager.cert</agent_certificate_path>
      <agent_key_path>/var/ossec/etc/testsslmanager.key</agent_key_path>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
      <delay_after_enrollment>10</delay_after_enrollment>
    </enrollment>
  </client>
Ubuntu 🔴

Command: WAZUH_MANAGER=1.1.1.1,wazuh-manager,3.3.3.3,testing-manager,dns-manager,MANAGER-4 WAZUH_MANAGER_PORT=7777 WAZUH_PROTOCOL=udp,tcp,udp,tcp,udp,tcp,udp,tcp WAZUH_REGISTRATION_SERVER=2.2.2.2 WAZUH_REGISTRATION_PORT=8888 WAZUH_REGISTRATION_PASSWORD=password WAZUH_KEEP_ALIVE_INTERVAL=10 WAZUH_TIME_RECONNECT=10 WAZUH_REGISTRATION_CA=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_CERTIFICATE=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_KEY=/var/ossec/etc/testsslmanager.key WAZUH_AGENT_NAME=test-agent WAZUH_AGENT_GROUP=test-group ENROLLMENT_DELAY=10 apt-get install ./wazuh-agent_4.4.0-0.commitd677dd2_amd64.deb
Configuration:
  <client>
    <server>
      <address>1.1.1.1</address>
      <port>7777</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>3.3.3.3</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>dns-manager</address>
      <port>7777</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>MANAGER-4</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>testing-manager</address>
      <port>7777</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>wazuh-manager</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>ubuntu, ubuntu22, ubuntu22.04</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>10</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>2.2.2.2</manager_address>
      <port>8888</port>
      <agent_name>test-agent</agent_name>
      <groups>test-group</groups>
      <server_ca_path>/var/ossec/etc/testsslmanager.cert</server_ca_path>
      <agent_certificate_path>/var/ossec/etc/testsslmanager.cert</agent_certificate_path>
      <agent_key_path>/var/ossec/etc/testsslmanager.key</agent_key_path>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
      <delay_after_enrollment>10</delay_after_enrollment>
    </enrollment>
  </client>
Windows 🔴

Command: .\wazuh-agent.msi /q WAZUH_MANAGER=1.1.1.1,wazuh-manager,3.3.3.3,testing-manager,dns-manager,MANAGER-4 WAZUH_MANAGER_PORT=7777 WAZUH_PROTOCOL=udp,tcp,udp,tcp,udp,tcp,udp,tcp WAZUH_REGISTRATION_SERVER=2.2.2.2 WAZUH_REGISTRATION_PORT=8888 WAZUH_REGISTRATION_PASSWORD=password WAZUH_KEEP_ALIVE_INTERVAL=10 WAZUH_TIME_RECONNECT=10 WAZUH_REGISTRATION_CA=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_CERTIFICATE=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_KEY=/var/ossec/etc/testsslmanager.key WAZUH_AGENT_NAME=test-agent WAZUH_AGENT_GROUP=test-group ENROLLMENT_DELAY=10 /l*v installer.log

Configuration:
  <client>
    <server>
      <address>1.1.1.1</address>
      <port>7777</port>
      <protocol>udp</protocol>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>wazuh-manager</address>
      <port>7777</port>
      <protocol>tcp</protocol>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>3.3.3.3</address>
      <port>7777</port>
      <protocol>udp</protocol>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>testing-manager</address>
      <port>7777</port>
      <protocol>tcp</protocol>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>dns-manager</address>
      <port>7777</port>
      <protocol>udp</protocol>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>MANAGER-4</address>
      <port>7777</port>
      <protocol>tcp</protocol>
      <protocol>tcp</protocol>
    </server>

    <crypto_method>aes</crypto_method>
    <notify_time>10</notify_time>
    <time-reconnect>10</time-reconnect>
    <auto_restart>yes</auto_restart>
    <enrollment>
        <enabled>yes</enabled>
        <manager_address>2.2.2.2</manager_address>
        <port>8888</port>
        <authorization_pass_path>authd.pass</authorization_pass_path>
        <server_ca_path>/var/ossec/etc/testsslmanager.cert</server_ca_path>
        <agent_certificate_path>/var/ossec/etc/testsslmanager.cert</agent_certificate_path>
        <agent_key_path>/var/ossec/etc/testsslmanager.key</agent_key_path>
        <agent_name>test-agent</agent_name>
        <groups>test-group</groups>
        <delay_after_enrollment>10</delay_after_enrollment>
    </enrollment>
  </client>
macOS 🔴

Command: setenv WAZUH_MANAGER "1.1.1.1,wazuh-manager,3.3.3.3,testing-manager,dns-manager,MANAGER-4" WAZUH_MANAGER_PORT "7777" WAZUH_PROTOCOL "udp,tcp,udp,tcp,udp,tcp,udp,tcp" WAZUH_REGISTRATION_SERVER "2.2.2.2" WAZUH_REGISTRATION_PORT "8888" WAZUH_REGISTRATION_PASSWORD "password" WAZUH_KEEP_ALIVE_INTERVAL "10" WAZUH_TIME_RECONNECT "10" WAZUH_REGISTRATION_CA "/var/ossec/etc/testsslmanager.cert" WAZUH_REGISTRATION_CERTIFICATE "/var/ossec/etc/testsslmanager.cert" WAZUH_REGISTRATION_KEY "/var/ossec/etc/testsslmanager.key" WAZUH_AGENT_NAME "test-agent" WAZUH_AGENT_GROUP "test-group" ENROLLMENT_DELAY "10" && installer -pkg wazuh-agent-4.4.0-0.commitd677dd2.pkg -target /;
Configuration:
  <client>
    <server>
      <address>1.1.1.1</address>
      <port>7777</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>3.3.3.3</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>MANAGER-4</address>
      <port>7777</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>dns-manager</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>testing-manager</address>
      <port>7777</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>wazuh-manager</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>darwin, darwin21, darwin21.1</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>10</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>2.2.2.2</manager_address>
      <port>8888</port>
      <agent_name>test-agent</agent_name>
      <groups>test-group</groups>
      <server_ca_path>/var/ossec/etc/testsslmanager.cert</server_ca_path>
      <agent_certificate_path>/var/ossec/etc/testsslmanager.cert</agent_certificate_path>
      <agent_key_path>/var/ossec/etc/testsslmanager.key</agent_key_path>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
      <delay_after_enrollment>10</delay_after_enrollment>
    </enrollment>
  </client>

Test each deployment variable individually: WAZUH_MANAGER 🔴

Some issues were detected

Windows
- Error during agent installation. (Not present in 4.3.8)

AmazonLinux 🟢

Command: WAZUH_MANAGER="1,2,3,4,5,6,7,8,9" yum install ./wazuh-agent-4.4.0-0.commitd677dd2.x86_64.rpm
Configuration:

  <client>
    <server>
      <address>1</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>2</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>3</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>4</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>5</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>6</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>7</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>8</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>9</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>

Ubuntu 🟢

Command: WAZUH_MANAGER="1,2,3,4,5,6,7,8,9" apt-get install ./wazuh-agent_4.4.0-0.commitd677dd2_amd64.deb
Configuration:

  <client>
    <server>
      <address>1</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>2</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>3</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>4</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>5</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>6</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>7</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>8</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>9</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>

Windows 🔴 ⚠️

Error installing windows agent

Command: .\wazuh-agent.msi /q WAZUH_MANAGER="1,2,3,4,5,6,7,8,9" /l*v installer.log
installer.log: installer.zip**

macOS 🟢

Command

  <client>
    <server>
      <address>1</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>2</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>3</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>4</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>5</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>6</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>7</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>8</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>9</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>

Test each deployment variable individually: WAZUH_MANAGER_PORT 🟢

AmazonLinux 🟢

Command: WAZUH_MANAGER_PORT="9991" yum install ./wazuh-agent-4.4.0-0.commitd677dd2.x86_64.rpm
Configuration:

  <client>
    <server>
      <address>MANAGER_IP</address>
      <port>9991</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>amzn, amzn2</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
  </client>

Ubuntu 🟢

Command: WAZUH_MANAGER_PORT="9991" apt-get install ./wazuh-agent_4.4.0-0.commitd677dd2_amd64.deb
Configuration:

<ossec_config>
  <client>
    <server>
      <address>MANAGER_IP</address>
      <port>9991</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>ubuntu, ubuntu22, ubuntu22.04</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
  </client>

Windows 🟢

Command: .\wazuh-agent.msi /q WAZUH_MANAGER_PORT="9991"
Configuration

  <client>
    <server>
      <address>0.0.0.0</address>
      <port>9991</port>
      <protocol>tcp</protocol>
    </server>
    <crypto_method>aes</crypto_method>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
  </client>

macOS 🟢

Command: launchctl setenv WAZUH_MANAGER_PORT "9991"&& installer -pkg wazuh-agent-4.4.0-0.commitd677dd2.pkg -target /;
Configuration:

  <client>
    <server>
      <address>MANAGER_IP</address>
      <port>9991</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>darwin, darwin21, darwin21.1</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
  </client>

Test each deployment variable individually: WAZUH_PROTOCOL 🟢

AmazonLinux 🟢

Command: WAZUH_PROTOCOL="udp,tcp,udp,tcp,tcp" yum install ./wazuh-agent-4.4.0-0.commitd677dd2.x86_64.rpm
Configuration:

  <client>
    <server>
      <address>MANAGER_IP</address>
      <port>1514</port>
      <protocol>udp</protocol>
    </server>
    <config-profile>amzn, amzn2</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
  </client>

Ubuntu 🟢

Command: WAZUH_PROTOCOL="udp,tcp,udp,tcp,tcp" apt-get install ./wazuh-agent_4.4.0-0.commitd677dd2_amd64.deb
Configuration:

  <client>
    <server>
      <address>MANAGER_IP</address>
      <port>1514</port>
      <protocol>udp</protocol>
    </server>
    <config-profile>ubuntu, ubuntu22, ubuntu22.04</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
  </client>

Windows 🟢

Command: wazuh-agent.msi /q WAZUH_PROTOCOL="udp,tcp,udp,tcp,tcp"
Configuration:

  <client>
    <server>
      <address>0.0.0.0</address>
      <port>1514</port>
            <protocol>udp</protocol>
    </server>
    <crypto_method>aes</crypto_method>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
  </client>

macOS 🟢

Command: launchctl setenv WAZUH_PROTOCOL "udp,tcp,udp,tcp,tcp" && installer -pkg wazuh-agent-4.4.0-0.commitd677dd2.pkg -target /;
Configuration:

  <client>
    <server>
      <address>MANAGER_IP</address>
      <port>1514</port>
      <protocol>udp</protocol>
    </server>
    <config-profile>darwin, darwin21, darwin21.1</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
  </client>

Test each deployment variable individually: WAZUH_REGISTRATION_SERVER 🟢

AmazonLinux 🟢

Command: WAZUH_REGISTRATION_SERVER="wazuh-reg-server" yum install ./wazuh-agent-4.4.0-0.commitd677dd2.x86_64.rpm
Configuration:

  <client>
    <server>
      <address>MANAGER_IP</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>amzn, amzn2</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>wazuh-reg-server</manager_address>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Ubuntu 🟢

Command: WAZUH_REGISTRATION_SERVER=wazuh-reg-server"" apt-get install ./wazuh-agent_4.4.0-0.commitd677dd2_amd64.deb
Configuration:

  <client>
    <server>
      <address>MANAGER_IP</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>ubuntu, ubuntu22, ubuntu22.04</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>wazuh-reg-server</manager_address>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Windows 🟢

Command: .\wazuh-agent.msi /q WAZUH_REGISTRATION_SERVER="wazuh-reg-server"
Configuration:

  <client>
    <server>
      <address>0.0.0.0</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <crypto_method>aes</crypto_method>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <enrollment>
        <enabled>yes</enabled>
        <manager_address>wazuh-reg-server</manager_address>
    </enrollment>
  </client>

macOS 🟢

Command: launchctl setenv WAZUH_REGISTRATION_SERVER "wazuh-reg-server" && installer -pkg wazuh-agent-4.4.0-0.commitd677dd2.pkg -target /;
Configuration:

  <client>
    <server>
      <address>MANAGER_IP</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>darwin, darwin21, darwin21.1</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>wazuh-reg-server</manager_address>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Test each deployment variable individually: WAZUH_REGISTRATION_PORT 🟢

AmazonLinux 🟢

Command: WAZUH_REGISTRATION_PORT="39482" yum install ./wazuh-agent-4.4.0-0.commitd677dd2.x86_64.rpm
Configuration:

  <client>
    <server>
      <address>MANAGER_IP</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>amzn, amzn2</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <port>39482</port>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Ubuntu 🟢

Command: WAZUH_REGISTRATION_PORT="39482" apt-get install ./wazuh-agent_4.4.0-0.commitd677dd2_amd64.deb
Configuration:

  <client>
    <server>
      <address>MANAGER_IP</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>ubuntu, ubuntu22, ubuntu22.04</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <port>39482</port>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Windows 🟢

Command: .\wazuh-agent.msi /q WAZUH_REGISTRATION_PORT="39482"
Configuration:

  <client>
    <server>
      <address>0.0.0.0</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <crypto_method>aes</crypto_method>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <enrollment>
        <enabled>yes</enabled>
        <port>39482</port>
    </enrollment>
  </client>

macOS 🟢

Command: launchctl setenv WAZUH_REGISTRATION_PORT "39482" && installer -pkg wazuh-agent-4.4.0-0.commitd677dd2.pkg -target /;
Configuration:

  <client>
    <server>
      <address>MANAGER_IP</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>darwin, darwin21, darwin21.1</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <port>39482</port>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Test each deployment variable individually: WAZUH_REGISTRATION_PASSWORD 🟢

AmazonLinux 🟢

Command: WAZUH_REGISTRATION_PASSWORD="39482-PASSWORD-Testing" yum install ./wazuh-agent-4.4.0-0.commitd677dd2.x86_64.rpm
Configuration:

  <client>
    <server>
      <address>MANAGER_IP</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>amzn, amzn2</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

[root@ip-172-31-5-208 qa]# cat /var/ossec/etc/authd.pass 
39482-PASSWORD-Testing

Ubuntu 🟢

Command: WAZUH_REGISTRATION_PASSWORD="39482-PASSWORD-Testing" apt-get install ./wazuh-agent_4.4.0-0.commitd677dd2_amd64.deb
Configuration:

  <client>
    <server>
      <address>MANAGER_IP</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>ubuntu, ubuntu22, ubuntu22.04</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

root@ip-172-31-15-71:/home/qa# cat /var/ossec/etc/authd.pass 
39482-PASSWORD-Testing

Windows 🟢

Command: .\wazuh-agent.msi /q WAZUH_REGISTRATION_PASSWORD="39482-PASSWORD-Testing"
Configuration:

  <client>
    <server>
      <address>0.0.0.0</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <crypto_method>aes</crypto_method>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <enrollment>
        <enabled>yes</enabled>
        <authorization_pass_path>authd.pass</authorization_pass_path>
    </enrollment>
  </client>

authd.pass: 39482-PASSWORD-Testing

macOS 🟢

Command: launchctl setenv WAZUH_REGISTRATION_PASSWORD "39482-PASSWORD-Testing" && installer -pkg wazuh-agent-4.4.0-0.commitd677dd2.pkg -target /;
Configuration:

  <client>
    <server>
      <address>MANAGER_IP</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>darwin, darwin21, darwin21.1</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

auth.pass:

sh-3.2# cat /Library/Ossec/etc/authd.pass 
39482-PASSWORD-Testing

sh-3.2# ls -la /Library/Ossec/etc/authd.pass 
-rw-r--r--  1 root  wazuh  23 Oct  7 16:53 /Library/Ossec/etc/authd.pass

Test each deployment variable individually: WAZUH_KEEP_ALIVE_INTERVAL 🟢

AmazonLinux 🟢

Command: WAZUH_KEEP_ALIVE_INTERVAL="1234" yum install ./wazuh-agent-4.4.0-0.commitd677dd2.x86_64.rpm
Configuration:

  <client>
    <server>
      <address>MANAGER_IP</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>amzn, amzn2</config-profile>
    <notify_time>1234</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
  </client>

Ubuntu 🟢

Command: WAZUH_KEEP_ALIVE_INTERVAL="1234" apt-get install ./wazuh-agent_4.4.0-0.commitd677dd2_amd64.deb
Configuration

  <client>
    <server>
      <address>MANAGER_IP</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>ubuntu, ubuntu22, ubuntu22.04</config-profile>
    <notify_time>1234</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
  </client>

Windows 🟢

Command: .\wazuh-agent.msi /q WAZUH_KEEP_ALIVE_INTERVAL="1234"
Configuration:

  <client>
    <server>
      <address>0.0.0.0</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <crypto_method>aes</crypto_method>
    <notify_time>1234</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
  </client>

macOS 🟢

Command: launchctl setenv WAZUH_KEEP_ALIVE_INTERVAL "1234" && installer -pkg wazuh-agent-4.4.0-0.commitd677dd2.pkg -target /;
Configuration:

  <client>
    <server>
      <address>MANAGER_IP</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>darwin, darwin21, darwin21.1</config-profile>
    <notify_time>1234</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
  </client>

Test each deployment variable individually: WAZUH_TIME_RECONNECT 🟢

AmazonLinux 🟢

Command: WAZUH_TIME_RECONNECT="39482" yum install ./wazuh-agent-4.4.0-0.commitd677dd2.x86_64.rpm
Configuration:

  <client>
    <server>
      <address>MANAGER_IP</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>amzn, amzn2</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>39482</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
  </client>

Ubuntu 🟢

Command: WAZUH_TIME_RECONNECT="39482" apt-get install ./wazuh-agent_4.4.0-0.commitd677dd2_amd64.deb
Configuration:

  <client>
    <server>
      <address>MANAGER_IP</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>ubuntu, ubuntu22, ubuntu22.04</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>39482</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
  </client>

Windows 🟢

Command: .\wazuh-agent.msi /q WAZUH_TIME_RECONNECT="39482"
Configuration:

  <client>
    <server>
      <address>0.0.0.0</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <crypto_method>aes</crypto_method>
    <notify_time>10</notify_time>
    <time-reconnect>39482</time-reconnect>
    <auto_restart>yes</auto_restart>
  </client>

macOS 🟢

Command: launchctl setenv WAZUH_TIME_RECONNECT "39482" && installer -pkg wazuh-agent-4.4.0-0.commitd677dd2.pkg -target /;
Configuration:

  <client>
    <server>
      <address>MANAGER_IP</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>darwin, darwin21, darwin21.1</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>39482</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
  </client>

Test each deployment variable individually: WAZUH_REGISTRATION_CA 🟢

AmazonLinux 🟢

Command: ``
Configuration:

  <client>
    <server>
      <address>MANAGER_IP</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>amzn, amzn2</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <server_ca_path>/tmp/custom_path</server_ca_path>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Ubuntu 🟢

Command: WAZUH_REGISTRATION_CA="/tmp/custom_path" apt-get install ./wazuh-agent_4.4.0-0.commitd677dd2_amd64.deb
Configuration:

  <client>
    <server>
      <address>MANAGER_IP</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>ubuntu, ubuntu22, ubuntu22.04</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <server_ca_path>/tmp/custom_path</server_ca_path>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Windows 🟢

Command: .\wazuh-agent.msi /q WAZUH_REGISTRATION_CA="/tmp/custom_path"
Configuration:

  <client>
    <server>
      <address>0.0.0.0</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <crypto_method>aes</crypto_method>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <enrollment>
        <enabled>yes</enabled>
        <server_ca_path>/tmp/custom_path</server_ca_path>
    </enrollment>
  </client>

macOS 🟢

Command: launchctl setenv WAZUH_REGISTRATION_CA "/tmp/custom_path" && installer -pkg wazuh-agent-4.4.0-0.commitd677dd2.pkg -target /;
Configuration:

  <client>
    <server>
      <address>MANAGER_IP</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>darwin, darwin21, darwin21.1</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <server_ca_path>/tmp/custom_path</server_ca_path>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Test each deployment variable individually: WAZUH_REGISTRATION_CERTIFICATE 🟢

AmazonLinux 🟢

Command: WAZUH_REGISTRATION_CERTIFICATE=/tmp/example_path yum install ./wazuh-agent-4.4.0-0.commitd677dd2.x86_64.rpm
Configuration:

  <client>
    <server>
      <address>MANAGER_IP</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>amzn, amzn2</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <agent_certificate_path>/tmp/example_path</agent_certificate_path>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Ubuntu 🟢

Command: WAZUH_REGISTRATION_CERTIFICATE=/tmp/example_path apt-get install ./wazuh-agent_4.4.0-0.commitd677dd2_amd64.deb
Configuration:

  <client>
    <server>
      <address>MANAGER_IP</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>ubuntu, ubuntu22, ubuntu22.04</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <agent_certificate_path>/tmp/example_path</agent_certificate_path>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Windows 🟢

Command: .\wazuh-agent.msi /q WAZUH_REGISTRATION_CERTIFICATE=C:\example
Configuration:

  <client>
    <server>
      <address>0.0.0.0</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <crypto_method>aes</crypto_method>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <enrollment>
        <enabled>yes</enabled>
        <agent_certificate_path>C:\example</agent_certificate_path>
    </enrollment>
  </client>

macOS 🟢

Command: launchctl setenv WAZUH_REGISTRATION_CERTIFICATE "/tmp/example_path" && installer -pkg wazuh-agent-4.4.0-0.commitd677dd2.pkg -target /;
Configuration:

  <client>
    <server>
      <address>MANAGER_IP</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>darwin, darwin21, darwin21.1</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <agent_certificate_path>/tmp/example_path</agent_certificate_path>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Test each deployment variable individually: WAZUH_REGISTRATION_KEY 🟢

AmazonLinux 🟢

Command: WAZUH_REGISTRATION_KEY=/tmp/example_path yum install ./wazuh-agent-4.4.0-0.commitd677dd2.x86_64.rpm
Configuration:

  <client>
    <server>
      <address>MANAGER_IP</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>amzn, amzn2</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <agent_key_path>/tmp/example_path</agent_key_path>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Ubuntu 🟢

Command: WAZUH_REGISTRATION_KEY=/tmp/example_path apt-get install ./wazuh-agent_4.4.0-0.commitd677dd2_amd64.deb
Configuration:

  <client>
    <server>
      <address>MANAGER_IP</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>ubuntu, ubuntu22, ubuntu22.04</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <agent_key_path>/tmp/example_path</agent_key_path>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Windows 🟢

Command: .\wazuh-agent.msi /q WAZUH_REGISTRATION_KEY=C:\example
Configuration:

  <client>
    <server>
      <address>0.0.0.0</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <crypto_method>aes</crypto_method>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <enrollment>
        <enabled>yes</enabled>
        <agent_key_path>C:\example</agent_key_path>
    </enrollment>
  </client>

macOS 🟢

Command: launchctl setenv WAZUH_REGISTRATION_KEY "/tmp/example_path" && installer -pkg wazuh-agent-4.4.0-0.commitd677dd2.pkg -target /;
Configuration:

  <client>
    <server>
      <address>MANAGER_IP</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>darwin, darwin21, darwin21.1</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <agent_key_path>/tmp/example_path</agent_key_path>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Test each deployment variable individually: WAZUH_AGENT_NAME 🟢

AmazonLinux 🟢

Command: WAZUH_AGENT_NAME=1234_Testing-agent.name yum install ./wazuh-agent-4.4.0-0.commitd677dd2.x86_64.rpm
Configuration:

  <client>
    <server>
      <address>MANAGER_IP</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>amzn, amzn2</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <agent_name>1234_Testing-agent.name</agent_name>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Ubuntu 🟢

Command: WAZUH_AGENT_NAME=1234_Testing-agent.name apt-get install ./wazuh-agent_4.4.0-0.commitd677dd2_amd64.deb
Configuration:

  <client>
    <server>
      <address>MANAGER_IP</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>ubuntu, ubuntu22, ubuntu22.04</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <agent_name>1234_Testing-agent.name</agent_name>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Windows 🟢

Command: .\wazuh-agent.msi /q WAZUH_AGENT_NAME=1234_Testing-agent.name
Configuration:

  <client>
    <server>
      <address>0.0.0.0</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <crypto_method>aes</crypto_method>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <enrollment>
        <enabled>yes</enabled>
        <agent_name>1234_Testing-agent.name</agent_name>
    </enrollment>
  </client>

macOS 🟢

Command: launchctl setenv WAZUH_AGENT_NAME "1234_Testing-agent.name" && installer -pkg wazuh-agent-4.4.0-0.commitd677dd2.pkg -target /;
Configuration:

  <client>
    <server>
      <address>MANAGER_IP</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>darwin, darwin21, darwin21.1</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <agent_name>1234_Testing-agent.name</agent_name>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Test each deployment variable individually: WAZUH_AGENT_GROUP 🟢

AmazonLinux 🟢

Command: WAZUH_AGENT_GROUP=testing1,testing2,123455,group,group4,group5,a,b,c,d,e,f,g,hi,j,k,1,2,3,4,5,6,7,8,9,0,11,12,13 yum install ./wazuh-agent-4.4.0-0.commitd677dd2.x86_64.rpm
Configuration:

  <client>
    <server>
      <address>MANAGER_IP</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>amzn, amzn2</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <groups>testing1,testing2,123455,group,group4,group5,a,b,c,d,e,f,g,hi,j,k,1,2,3,4,5,6,7,8,9,0,11,12,13</groups>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Ubuntu 🟢

Command: WAZUH_AGENT_GROUP=testing1,testing2,123455,group,group4,group5,a,b,c,d,e,f,g,hi,j,k,1,2,3,4,5,6,7,8,9,0,11,12,13 apt-get install ./wazuh-agent_4.4.0-0.commitd677dd2_amd64.deb
Configuration:

  <client>
    <server>
      <address>MANAGER_IP</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>ubuntu, ubuntu22, ubuntu22.04</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <groups>testing1,testing2,123455,group,group4,group5,a,b,c,d,e,f,g,hi,j,k,1,2,3,4,5,6,7,8,9,0,11,12,13</groups>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Windows 🟢

Command: .\wazuh-agent.msi /q WAZUH_AGENT_GROUP=testing1,testing2,123455,group,group4,group5,a,b,c,d,e,f,g,hi,j,k,1,2,3,4,5,6,7,8,9,0,11,12,13
Configuration:

  <client>
    <server>
      <address>0.0.0.0</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <crypto_method>aes</crypto_method>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <enrollment>
        <enabled>yes</enabled>
        <groups>testing1,testing2,123455,group,group4,group5,a,b,c,d,e,f,g,hi,j,k,1,2,3,4,5,6,7,8,9,0,11,12,13</groups>
    </enrollment>
  </client>

macOS 🟢

Command: setenv WAZUH_AGENT_GROUP "testing1,testing2,123455,group,group4,group5,a,b,c,d,e,f,g,hi,j,k,1,2,3,4,5,6,7,8,9,0,11,12,13" && installer -pkg wazuh-agent-4.4.0-0.commitd677dd2.pkg -target /;
Configuration:

  <client>
    <server>
      <address>MANAGER_IP</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>darwin, darwin21, darwin21.1</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <groups>testing1,testing2,123455,group,group4,group5,a,b,c,d,e,f,g,hi,j,k,1,2,3,4,5,6,7,8,9,0,11,12,13</groups>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Test each deployment variable individually: ENROLLMENT_DELAY 🟢

AmazonLinux 🟢

Command: ENROLLMENT_DELAY=693 yum install ./wazuh-agent-4.4.0-0.commitd677dd2.x86_64.rpm
Configuration:

  <client>
    <server>
      <address>MANAGER_IP</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>amzn, amzn2</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
      <delay_after_enrollment>693</delay_after_enrollment>
    </enrollment>
  </client>

Ubuntu 🟢

Command: ENROLLMENT_DELAY=693 apt-get install ./wazuh-agent_4.4.0-0.commitd677dd2_amd64.deb
Configuration:

  <client>
    <server>
      <address>MANAGER_IP</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>ubuntu, ubuntu22, ubuntu22.04</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
      <delay_after_enrollment>693</delay_after_enrollment>
    </enrollment>
  </client>

Windows 🟢

Command: .\wazuh-agent.msi /q ENROLLMENT_DELAY=693
Configuration:

  <client>
    <server>
      <address>0.0.0.0</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <crypto_method>aes</crypto_method>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <enrollment>
        <enabled>yes</enabled>
        <delay_after_enrollment>693</delay_after_enrollment>
    </enrollment>
  </client>

macOS 🟢

Command: launchctl setenv ENROLLMENT_DELAY "693" && installer -pkg wazuh-agent-4.4.0-0.commitd677dd2.pkg -target /;
Configuration:

  <client>
    <server>
      <address>MANAGER_IP</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>darwin, darwin21, darwin21.1</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
      <delay_after_enrollment>693</delay_after_enrollment>
    </enrollment>
  </client>

Test each deployment variable individually: /l installer.log 🟢

Windows 🟢

Command: .\wazuh-agent.msi /q /l installer.lo
Configuration:

  <client>
    <server>
      <address>0.0.0.0</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <crypto_method>aes</crypto_method>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
  </client>

install.log:

=== Logging started: 10/7/2022  10:42:17 ===
Action start 10:42:17: INSTALL.
Action start 10:42:17: FindRelatedProducts.
Action ended 10:42:17: FindRelatedProducts. Return value 1.
Action start 10:42:17: AppSearch.
Action ended 10:42:17: AppSearch. Return value 1.
Action start 10:42:17: CheckSvcRunning.
Action ended 10:42:17: CheckSvcRunning. Return value 0.
Action start 10:42:17: ValidateProductID.
Action ended 10:42:17: ValidateProductID. Return value 1.
Action start 10:42:17: CostInitialize.
Action ended 10:42:17: CostInitialize. Return value 1.
Action start 10:42:17: FileCost.
Action ended 10:42:17: FileCost. Return value 1.
Action start 10:42:17: WixSetDefaultPerUserFolder.
Action ended 10:42:17: WixSetDefaultPerUserFolder. Return value 1.
Action start 10:42:17: WixSetDefaultPerMachineFolder.
Action ended 10:42:17: WixSetDefaultPerMachineFolder. Return value 1.
Action start 10:42:17: WixSetPerMachineFolder.
Action ended 10:42:17: WixSetPerMachineFolder. Return value 1.
Action start 10:42:17: CostFinalize.
Action ended 10:42:17: CostFinalize. Return value 1.
Action start 10:42:17: MigrateFeatureStates.
Action ended 10:42:17: MigrateFeatureStates. Return value 0.
Action start 10:42:17: InstallValidate.
Action ended 10:42:17: InstallValidate. Return value 1.
Action start 10:42:17: InstallInitialize.
Action ended 10:42:17: InstallInitialize. Return value 1.
Action start 10:42:17: SetCustomActionDataValue.
Action ended 10:42:17: SetCustomActionDataValue. Return value 1.
Action start 10:42:17: CustomAction_InstallerScripts.
Action ended 10:42:18: CustomAction_InstallerScripts. Return value 1.
Action start 10:42:18: ProcessComponents.
Action ended 10:42:18: ProcessComponents. Return value 1.
Action start 10:42:18: UnpublishFeatures.
Action ended 10:42:18: UnpublishFeatures. Return value 1.
Action start 10:42:18: SchedSecureObjectsRollback.
SchedSecureObjectsRollback:  Entering SchedSecureObjectsRollback in C:\Windows\Installer\MSIB9A4.tmp, version 3.11.4516.0
SchedSecureObjectsRollback:  Failed to store ACL rollback information with error 0x80070002 - continuing
Action ended 10:42:18: SchedSecureObjectsRollback. Return value 1.
Action start 10:42:18: StopServices.
Action ended 10:42:18: StopServices. Return value 1.
Action start 10:42:18: DeleteServices.
Action ended 10:42:18: DeleteServices. Return value 1.
Action start 10:42:18: RemoveRegistryValues.
".\installer.log" [converted] 101L, 5898B

Test each deployment variable individually: /l*v installer.log 🟢

Windows 🟢

Command: .\wazuh-agent.msi /q /l*v installer.log
Configuration:

  <client>
    <server>
      <address>0.0.0.0</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <crypto_method>aes</crypto_method>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
  </client>

installer.log:

=== Verbose logging started: 10/7/2022  10:45:05  Build type: SHIP UNICODE 5.00.10011.00  Calling process: C:\Windows\System32\msiexec.exe ===^M
MSI (c) (78:64) [10:45:05:076]: Resetting cached policy values^M
MSI (c) (78:64) [10:45:05:076]: Machine policy value 'Debug' is 0^M
MSI (c) (78:64) [10:45:05:076]: ******* RunEngine:^M
           ******* Product: C:\Users\qa\wazuh-agent.msi^M
           ******* Action: ^M
           ******* CommandLine: **********^M
MSI (c) (78:64) [10:45:05:076]: Client-side and UI is none or basic: Running entire install on the server.^M
MSI (c) (78:64) [10:45:05:076]: Grabbed execution mutex.^M
MSI (c) (78:64) [10:45:05:092]: Cloaking enabled.^M
MSI (c) (78:64) [10:45:05:092]: Attempting to enable all disabled privileges before calling Install on Server^M
MSI (c) (78:64) [10:45:05:092]: Incrementing counter to disable shutdown. Counter after increment: 0^M
MSI (s) (9C:EC) [10:45:05:108]: Running installation inside multi-package transaction C:\Users\qa\wazuh-agent.msi^M
MSI (s) (9C:EC) [10:45:05:108]: Grabbed execution mutex.^M
MSI (s) (9C:08) [10:45:05:108]: Resetting cached policy values^M
MSI (s) (9C:08) [10:45:05:108]: Machine policy value 'Debug' is 0^M
MSI (s) (9C:08) [10:45:05:108]: ******* RunEngine:^M
           ******* Product: C:\Users\qa\wazuh-agent.msi^M
           ******* Action: ^M
           ******* CommandLine: **********^M
MSI (s) (9C:08) [10:45:05:108]: Machine policy value 'DisableUserInstalls' is 0^M
MSI (s) (9C:08) [10:45:05:108]: Note: 1: 2203 2: C:\Windows\Installer\inprogressinstallinfo.ipi 3: -2147287038 ^M
MSI (s) (9C:08) [10:45:05:108]: SRSetRestorePoint skipped for this transaction.^M
MSI (s) (9C:08) [10:45:05:108]: Note: 1: 1402 2: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer 3: 2 ^M
MSI (s) (9C:08) [10:45:05:108]: File will have security applied from OpCode.^M
MSI (s) (9C:08) [10:45:05:108]: SOFTWARE RESTRICTION POLICY: Verifying package --> 'C:\Users\qa\wazuh-agent.msi' against software restriction policy^M
MSI (s) (9C:08) [10:45:05:108]: Note: 1: 2262 2: ^EDigitalSignature 3: -2147287038 ^M
MSI (s) (9C:08) [10:45:05:108]: SOFTWARE RESTRICTION POLICY: C:\Users\qa\wazuh-agent.msi is not digitally signed^M
MSI (s) (9C:08) [10:45:05:108]: SOFTWARE RESTRICTION POLICY: C:\Users\qa\wazuh-agent.msi is permitted to run at the 'unrestricted' authorization level.^M
MSI (s) (9C:08) [10:45:05:108]: MSCOREE not loaded loading copy from system32^M
MSI (s) (9C:08) [10:45:05:123]: End dialog not enabled^M
MSI (s) (9C:08) [10:45:05:123]: Original package ==> C:\Users\qa\wazuh-agent.msi^M
MSI (s) (9C:08) [10:45:05:123]: Package we're running from ==> C:\Windows\Installer\584ed3.msi^M
MSI (s) (9C:08) [10:45:05:123]: APPCOMPAT: Compatibility mode property overrides found.^M
MSI (s) (9C:08) [10:45:05:123]: APPCOMPAT: looking for appcompat database entry with ProductCode '{5290B60A-A5D5-493B-864F-FCE6C045AA26}'.^M
MSI (s) (9C:08) [10:45:05:123]: APPCOMPAT: no matching ProductCode found in database.^M
MSI (s) (9C:08) [10:45:05:123]: Machine policy value 'TransformsSecure' is 1^M
MSI (s) (9C:08) [10:45:05:123]: Machine policy value 'DisablePatch' is 0^M
MSI (s) (9C:08) [10:45:05:123]: Machine policy value 'AllowLockdownPatch' is 0^M
MSI (s) (9C:08) [10:45:05:123]: Machine policy value 'DisableLUAPatching' is 0^M
MSI (s) (9C:08) [10:45:05:123]: Machine policy value 'DisableFlyWeightPatching' is 0^M
MSI (s) (9C:08) [10:45:05:123]: APPCOMPAT: looking for appcompat database entry with ProductCode '{5290B60A-A5D5-493B-864F-FCE6C045AA26}'.^M
MSI (s) (9C:08) [10:45:05:123]: APPCOMPAT: no matching ProductCode found in database.^M
MSI (s) (9C:08) [10:45:05:123]: Transforms are not secure.^M
MSI (s) (9C:08) [10:45:05:123]: PROPERTY CHANGE: Adding MsiLogFileLocation property. Its value is 'C:\Users\qa\installer.log'.^M
".\installer.log" [converted][unix] 1187L, 135095B                                                                                                                                               1,1           Top

Test deployment variables using multiple addresses and 1 protocol 🔴

Some issues were detected for all OS:

Linux and macOS
- Protocols and managers mismatch due to manager reordering. This makes that manager configured to use UDP instead of TCP (the first one) will use TCP instead in the final configuration.
Windows
- Error during agent installation (Not present in 4.3.8)

AmazonLinux 🔴

Command: WAZUH_MANAGER=wazuh-manager,wazuh-manager2,4.4.4.4,1.2.1.3,dns-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING yum install ./wazuh-agent-4.4.0-0.commitd677dd2.x86_64.rpm

Configuration:

  <client>
    <server>
      <address>1.2.1.3</address>
      <port>444</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>4.4.4.4</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>dns-manager</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>wazuh-manager2</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>amzn, amzn2</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>1.2.1.3</manager_address>
      <agent_name>TESTING</agent_name>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Ubuntu 🔴

Command: WAZUH_MANAGER=wazuh-manager,wazuh-manager2,4.4.4.4,1.2.1.3,dns-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING apt-get install ./wazuh-agent_4.4.0-0.commitd677dd2_amd64.deb

Configuration:

<ossec_config>
  <client>
    <server>
      <address>1.2.1.3</address>
      <port>444</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>4.4.4.4</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>dns-manager</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>wazuh-manager2</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>ubuntu, ubuntu22, ubuntu22.04</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>1.2.1.3</manager_address>
      <agent_name>TESTING</agent_name>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Windows 🔴 ⚠️

Windows installer fails. Error not present in 4.3.8

Command: .\wazuh-agent.msi /q WAZUH_MANAGER=wazuh-manager,wazuh-manager2,4.4.4.4,1.2.1.3,dns-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING /l*v installer.log
installer.log: installer.zip

macOS 🔴

Command: WAZUH_MANAGER "wazuh-manager,wazuh-manager2,4.4.4.4,1.2.1.3,dns-manager" WAZUH_PROTOCOL "UDP" WAZUH_MANAGER_PORT "444" WAZUH_AGENT_NAME "TESTING" && installer -pkg wazuh-agent-4.4.0-0.commitd677dd2.pkg -target /
Configuration:

  <client>
    <server>
      <address>1.2.1.3</address>
      <port>444</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>4.4.4.4</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>dns-manager</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>wazuh-manager2</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>darwin, darwin21, darwin21.1</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>1.2.1.3</manager_address>
      <agent_name>TESTING</agent_name>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Test deployment variables using 1 address and multiple protocols 🔴

Some issues were detected

Windows
- Multiple protocol configuration blocks, resulting in the use of a not specified protocol. (Not present in 4.3.8)

AmazonLinux 🟢

Command: WAZUH_MANAGER=wazuh-manager WAZUH_PROTOCOL=UDP,TCP,TPC,UPC,UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING yum install ./wazuh-agent-4.4.0-0.commitd677dd2.x86_64.rpm
Configuration:

  <client>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>udp</protocol>
    </server>
    <config-profile>amzn, amzn2</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>wazuh-manager</manager_address>
      <agent_name>TESTING</agent_name>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Ubuntu 🟢

Command: WAZUH_MANAGER=wazuh-manager WAZUH_PROTOCOL=UDP,TCP,TPC,UPC,UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING apt-get install ./wazuh-agent_4.4.0-0.commitd677dd2_amd64.deb
Configuration:

  <client>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>udp</protocol>
    </server>
    <config-profile>ubuntu, ubuntu22, ubuntu22.04</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>wazuh-manager</manager_address>
      <agent_name>TESTING</agent_name>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Windows 🔴

Command: .\wazuh-agent.msi /q WAZUH_MANAGER=wazuh-manager WAZUH_PROTOCOL=UDP,TCP,TPC,UPC,UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING
Configuration:

  <client>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>udp</protocol>
      <protocol>tcp</protocol>
    </server>

    <crypto_method>aes</crypto_method>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <enrollment>
        <enabled>yes</enabled>
        <agent_name>TESTING</agent_name>
    </enrollment>
  </client>

macOS 🟢

Command: setenv WAZUH_MANAGER "wazuh-manager" WAZUH_PROTOCOL "UDP,TCP,TPC,UPC,UDP" WAZUH_MANAGER_PORT "444" WAZUH_AGENT_NAME "TESTING" && installer -pkg wazuh-agent-4.4.0-0.commitd677dd2.pkg -target /
Configuration:

<ossec_config>
  <client>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>udp</protocol>
    </server>
    <config-profile>darwin, darwin21, darwin21.1</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>wazuh-manager</manager_address>
      <agent_name>TESTING</agent_name>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Test deployment variables using 1 address and 1 protocol. 🔴

Some issues were detected

Windows
- Multiple protocol configuration blocks, resulting in the use of a not specified protocol. (Not present in 4.3.8)

AmazonLinux 🟢

Command: WAZUH_MANAGER=wazuh-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING yum install ./wazuh-agent-4.4.0-0.commitd677dd2.x86_64.rpm
Configuration:

  <client>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>udp</protocol>
    </server>
    <config-profile>amzn, amzn2</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>wazuh-manager</manager_address>
      <agent_name>TESTING</agent_name>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Ubuntu 🟢

Command: WAZUH_MANAGER=wazuh-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING apt-get install ./wazuh-agent_4.4.0-0.commitd677dd2_amd64.deb
Configuration:

  <client>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>udp</protocol>
    </server>
    <config-profile>ubuntu, ubuntu22, ubuntu22.04</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>wazuh-manager</manager_address>
      <agent_name>TESTING</agent_name>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Windows 🔴

Command: .\wazuh-agent.msi /q WAZUH_MANAGER=wazuh-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING
Configuration:

  <client>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>udp</protocol>
      <protocol>tcp</protocol>
    </server>

    <crypto_method>aes</crypto_method>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <enrollment>
        <enabled>yes</enabled>
        <agent_name>TESTING</agent_name>
    </enrollment>
  </client>

macOS 🟢

Command: launchctl setenv WAZUH_MANAGER "wazuh-manager" WAZUH_PROTOCOL "UDP" WAZUH_MANAGER_PORT "444" WAZUH_AGENT_NAME "TESTING" && installer -pkg wazuh-agent-4.4.0-0.commitd677dd2.pkg -target /
Configuration:

<ossec_config>
  <client>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>udp</protocol>
    </server>
    <config-profile>darwin, darwin21, darwin21.1</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>wazuh-manager</manager_address>
      <agent_name>TESTING</agent_name>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

jmv74211 · 2022-10-11T10:47:08Z

QA review

Type: Manual testing.
Status: Requested changes 🔴
Comments: Some reasons have been found as to why we do not approve the PR. These are as follows:
- (1) The values of WAZUH_MANAGER do not follow the specified order, causing inconsistencies (cc @wazuh/cicd).
  
  Installation using the WAZUH_MANAGER variable with multiple values causes blocks to be inserted in an unexpected order, causing the protocols and manager addresses to not match as expected. This occurs for Linux and macOS agents.
- (2) WAZUH_PROTOCOL values cause multiple <protocol> blocks to be inserted in Windows agents, potentially causing unwanted behavior (cc @wazuh/cicd).
- (3) If we specify more values for WAZUH_MANAGER variable than > WAZUH_PROTOCOL, then wazuh-agent installation fails for Windows (cc @wazuh/cicd).
- (4) New Warning during agent installation in Ubuntu (cc @wazuh/cicd).
```
N: Download is performed unsandboxed as root as file '/home/ubuntu/wazuh-agent_4.4.0-0.commitd677dd2_amd64.deb' couldn't be accessed by user '_apt'. - pkgAcquire::Run (13: Permission denied)
```
- (5) Windows Server 2022 default configuration does not include any config-profile (cc @wazuh/cicd).
- (6) Default manager IP mismatch for Linux and macOS agents (MANAGER_IP) from Windows (0.0.0.0) (cc @wazuh/cicd).
- (7) Warning during Ubuntu agent uninstallation using apt-get remove wazuh-agent (cc @wazuh/cicd):
```
dpkg: warning: while removing wazuh-agent, directory '/usr/lib/systemd/system' not empty so not removed
```

This will be discussed with the development team in order to request the new proposed changes.

jmv74211 · 2022-10-11T11:11:22Z

After talking with the CICD team, it has been decided that (1), (2) and (3) (related to the network of the tested development) will be reviewed and fixed in this own development.

Regarding (4), (5), (6), (7) we will investigate if there are previously reported issues, and in case there are not they will be opened to be fixed in the future (it is not a stopper to approve the tested development).

Rebits · 2022-10-17T10:30:17Z

Testing after requested changes

Tester: @Rebits
PR commit: e0c0c34

Results 🔴

Multiple addresses and protocols 🔴

Unexpected message during installation in AmazonLinux and Ubuntu OS:
/var/ossec/packages_files/agent_installation_scripts/src/init/register_configure_agent.sh: line 339: [: too many arguments

AmazonLinux 🔴

Unexpected message during installation: /var/ossec/packages_files/agent_installation_scripts/src/init/register_configure_agent.sh: line 339: [: too many arguments

Command: WAZUH_MANAGER=3.3.3.3,2.2.2.2,1.1.1.1 WAZUH_PROTOCOL=UDP,UDP,TCP yum install wazuh-agent

Installation:

[root@ip-172-31-5-251 qa]#  WAZUH_MANAGER=3.3.3.3,2.2.2.2,1.1.1.1 WAZUH_PROTOCOL=UDP,UDP,TCP yum install wazuh-agent-4.4.0-0.commite0c0c34.x86_64.rpm 
Loaded plugins: extras_suggestions, langpacks, priorities, update-motd
...
/var/ossec/packages_files/agent_installation_scripts/src/init/register_configure_agent.sh: line 339: [: too many arguments
  Verifying  : wazuh-agent-4.4.0-0.commite0c0c34.x86_64

Configuration:

<ossec_config>
  <client>
    <server>
      <address>3.3.3.3</address>
      <port>1514</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>2.2.2.2</address>
      <port>1514</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>1.1.1.1</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>amzn, amzn2</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>3.3.3.3</manager_address>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Ubuntu 🔴

Unexpected message during installation /var/ossec/packages_files/agent_installation_scripts/src/init/register_configure_agent.sh: line 339: [: too many arguments

Command: WAZUH_MANAGER=3.3.3.3,2.2.2.2,1.1.1.1 WAZUH_PROTOCOL=UDP,UDP,TCP apt-get install ./wazuh-agent_4.4.0-0.commite0c0c34_amd64.deb
Install:

root@ip-172-31-2-16:/home/qa# WAZUH_MANAGER=3.3.3.3,2.2.2.2,1.1.1.1 WAZUH_PROTOCOL=UDP,UDP,TCP apt-get install ./wazuh-agent_4.4.0-0.commite0c0c34_amd64.deb
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Note, selecting 'wazuh-agent' instead of './wazuh-agent_4.4.0-0.commite0c0c34_amd64.deb'
The following packages were automatically installed and are no longer required:
  libpython2-dev libpython2.7 libpython2.7-dev linux-image-5.13.0-1021-aws linux-modules-5.13.0-1021-aws python2-dev python2.7-dev
Use 'sudo apt autoremove' to remove them.
The following NEW packages will be installed:
  wazuh-agent
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 0 B/8,718 kB of archives.
After this operation, 29.1 MB of additional disk space will be used.
Get:1 /home/qa/wazuh-agent_4.4.0-0.commite0c0c34_amd64.deb wazuh-agent amd64 4.4.0-0.commite0c0c34 [8,718 kB]
Preconfiguring packages ...       
Selecting previously unselected package wazuh-agent.
(Reading database ... 120114 files and directories currently installed.)
Preparing to unpack .../wazuh-agent_4.4.0-0.commite0c0c34_amd64.deb ...
Unpacking wazuh-agent (4.4.0-0.commite0c0c34) ...
Setting up wazuh-agent (4.4.0-0.commite0c0c34) ...
/var/ossec/packages_files/agent_installation_scripts/src/init/register_configure_agent.sh: line 339: [: too many arguments
Scanning processes...                                                                                                                                                                                              
Scanning linux images...                                                                                                                                                                                           

Running kernel seems to be up-to-date.

No services need to be restarted.

No containers need to be restarted.

No user sessions are running outdated binaries.

No VM guests are running outdated hypervisor (qemu) binaries on this host.
N: Download is performed unsandboxed as root as file '/home/qa/wazuh-agent_4.4.0-0.commite0c0c34_amd64.deb' couldn't be accessed by user '_apt'. - pkgAcquire::Run (13: Permission denied)

Configuration:

    <server>
      <address>3.3.3.3</address>
      <port>1514</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>2.2.2.2</address>
      <port>1514</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>1.1.1.1</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>

Windows 🟢

Command: wazuh-agent.msi /q WAZUH_MANAGER=3.3.3.3,2.2.2.2,1.1.1.1 WAZUH_PROTOCOL=UDP,UDP,TCP
Configuration:

    <server>
      <address>3.3.3.3</address>
      <port>1514</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>2.2.2.2</address>
      <port>1514</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>1.1.1.1</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>

macOS 🟢

Command: launchctl setenv WAZUH_MANAGER "3.3.3.3,2.2.2.2,1.1.1.1" WAZUH_PROTOCOL "UDP,UDP,TCP" && installer -pkg wazuh-agent-4.4.0.pkg -target /
Configuration:

    <server>
      <address>3.3.3.3</address>
      <port>1514</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>2.2.2.2</address>
      <port>1514</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>1.1.1.1</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>

Test deployment variables using multiple addresses and 1 protocol 🔴

Wazu agent installation failed for Windows OS

AmazonLinux 🟢

Command: WAZUH_MANAGER=wazuh-manager,wazuh-manager2,4.4.4.4,1.2.1.3,dns-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING yum install ./wazuh-agent-4.4.0-0.commitd677dd2.x86_64.rpm

Configuration:

    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>wazuh-manager2</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>4.4.4.4</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>1.2.1.3</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>dns-manager</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>

Ubuntu 🟢

Command: WAZUH_MANAGER=wazuh-manager,wazuh-manager2,4.4.4.4,1.2.1.3,dns-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING apt-get install ./wazuh-agent_4.4.0-0.commitd677dd2_amd64.deb

Configuration:

  <client>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>wazuh-manager2</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>4.4.4.4</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>1.2.1.3</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>dns-manager</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>ubuntu, ubuntu22, ubuntu22.04</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>wazuh-manager</manager_address>
      <agent_name>TESTING</agent_name>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Windows 🔴 ⚠️

Windows installer fails. Error not present in 4.3.8

Command: .\wazuh-agent.msi /q WAZUH_MANAGER=wazuh-manager,wazuh-manager2,4.4.4.4,1.2.1.3,dns-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING /l*v installer.log
installer.log: installer.zip

macOS 🟢

Command: launchctl setenv WAZUH_MANAGER "wazuh-manager,wazuh-manager2,4.4.4.4,1.2.1.3,dns-manager" WAZUH_PROTOCOL "UDP" WAZUH_MANAGER_PORT "444" WAZUH_AGENT_NAME "TESTING" && installer -pkg wazuh-agent-4.4.0-0.commite0c0c34.pkg -target /
Configuration:

  <client>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>wazuh-manager2</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>4.4.4.4</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>1.2.1.3</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>dns-manager</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>darwin, darwin21, darwin21.1</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>wazuh-manager</manager_address>
      <agent_name>TESTING</agent_name>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Duplicate manager 🔴

If duplicated managers are provided in WAZUH_MANAGER, the configuration will include duplicate configuration.

AmazonLinux 🔴

Command: WAZUH_MANAGER=wazuh-manager,wazuh-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING yum install ./wazuh-agent-4.4.0-0.commite0c0c34.x86_64.rpm

Configuration:

  <client>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>amzn, amzn2</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>wazuh-manager</manager_address>
      <agent_name>TESTING</agent_name>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Ubuntu 🔴

Command: WAZUH_MANAGER=wazuh-manager,wazuh-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING apt-get install ./wazuh-agent_4.4.0-0.commite0c0c34_amd64.deb

Configuration:

  <client>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>ubuntu, ubuntu22, ubuntu22.04</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>wazuh-manager</manager_address>
      <agent_name>TESTING</agent_name>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Windows 🔴

Command: .\wazuh-agent.msi /q WAZUH_MANAGER=wazuh-manager,wazuh-manager WAZUH_PROTOCOL=UDP,UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING /l*v installer.log
Configuration:

  <client>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>udp</protocol>
    </server>
    <crypto_method>aes</crypto_method>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <enrollment>
        <enabled>yes</enabled>
        <agent_name>TESTING</agent_name>
    </enrollment>
  </client>

macOS 🔴

Command: launchctl setenv WAZUH_MANAGER "wazuh-manager,wazuh-manager" WAZUH_PROTOCOL "UDP" WAZUH_MANAGER_PORT "444" WAZUH_AGENT_NAME "TESTING" && installer -pkg wazuh-agent-4.4.0-0.commite0c0c34.pkg -target /
Configuration:

    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>

Rebits · 2022-10-17T11:58:49Z

Update - 17/10/2022

- Reported in wazuh/wazuh-qa#3400 (comment)

DFolchA · 2022-10-17T16:38:42Z

Update

After meeting with @Rebits and @alberpilot we decided on the following
wazuh/wazuh#14532 (comment)

Rebits · 2022-10-24T12:08:19Z

Testing after requested changes

Tester: @Rebits
PR commit: 8eb0a41

Note: Due to https://github.com/wazuh/wazuh-jenkins/issues/3115, macOS was not tested properly. It is suggested to consider detected bugs in this testing interaction while the deployment issue is mitigated.
Build: https://ci.wazuh.info/job/Deployer/554/console

Conclusions:

Detected bug in windows agent installation for same manager ips with the same duplicate protocol. 🔴
Detected bug in windows agent installation that allows empty manager addresses 🔴 /🟡
Windows/Linux deployment configuration differs regarding the options specified in the ossec.conf. While in Linux agent enrollment configuration block is always specified, in Windows agent if default values are not changed, no configuration is specified. 🟡
Enrollment configuration block indentation is incorrect for Windows agents. 🟡
If a previous agent installation was performed, and only binaries were removed (apt-get remove), the new agent installation will set the default configuration independently of the parameters specified. 🟡

Multiple addresses and protocols. 🟢

AmazonLinux 🟢

Command: WAZUH_MANAGER=3.3.3.3,2.2.2.2,1.1.1.1 WAZUH_PROTOCOL=UDP,UDP,TCP yum install wazuh-agent-4.4.0-0.commit8eb0a41.x86_64.rpm
Configuration:

    <server>
      <address>3.3.3.3</address>
      <port>1514</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>2.2.2.2</address>
      <port>1514</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>1.1.1.1</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>

Ubuntu 🟢

Command: WAZUH_MANAGER=3.3.3.3,2.2.2.2,1.1.1.1 WAZUH_PROTOCOL=UDP,UDP,TCP apt-get install ./wazuh-agent_4.4.0-0.commit8eb0a41_amd64.deb
Configuration:

  <client>
    <server>
      <address>3.3.3.3</address>
      <port>1514</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>2.2.2.2</address>
      <port>1514</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>1.1.1.1</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>

Windows 🟢

Command: .\wazuh-agent.msi /q WAZUH_MANAGER=3.3.3.3,2.2.2.2,1.1.1.1 WAZUH_PROTOCOL=UDP,UDP,TCP
Configuration:

  <client>
    <server>
      <address>3.3.3.3</address>
      <port>1514</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>2.2.2.2</address>
      <port>1514</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>1.1.1.1</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <crypto_method>aes</crypto_method>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
  </client>

macOS 🔵

Command:
Configuration:

Test deployment variables using multiple addresses and 1 protocol 🟢

AmazonLinux 🟢

Command: WAZUH_MANAGER=wazuh-manager,wazuh-manager2,4.4.4.4,1.2.1.3,dns-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING yum install ./wazuh-agent-4.4.0.rpm
Configuration:

    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>wazuh-manager2</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>4.4.4.4</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>1.2.1.3</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>dns-manager</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>

Ubuntu 🟢

Command: WAZUH_MANAGER=wazuh-manager,wazuh-manager2,4.4.4.4,1.2.1.3,dns-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING apt-get install ./wazuh-agent_4.4.0.deb
Configuration:

    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>wazuh-manager2</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>4.4.4.4</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>1.2.1.3</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>dns-manager</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>

Windows 🟢

Command: \wazuh-agent.msi /q WAZUH_MANAGER=wazuh-manager,wazuh-manager2,4.4.4.4,1.2.1.3,dns-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING
Configuration:

  <client>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>wazuh-manager2</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>4.4.4.4</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>1.2.1.3</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>dns-manager</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <crypto_method>aes</crypto_method>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <enrollment>
        <enabled>yes</enabled>
        <agent_name>TESTING</agent_name>
    </enrollment>
  </client>

macOS 🔵

Command:
Configuration:

Duplicate manager - Different protocols 🟢

AmazonLinux 🟢

Command: WAZUH_MANAGER=wazuh-manager,wazuh-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING yum install ./wazuh-agent-4.4.0-0.rpm
Configuration:
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
Ubuntu 🟢

Command: WAZUH_MANAGER=wazuh-manager,wazuh-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING apt-get install ./wazuh-agent_4.4.0-0..deb
Configuration:
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
Windows 🟢

Command: \wazuh-agent.msi /q WAZUH_MANAGER=wazuh-manager,wazuh-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING
Configuration:
  <client>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <crypto_method>aes</crypto_method>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <enrollment>
        <enabled>yes</enabled>
        <agent_name>TESTING</agent_name>
    </enrollment>
  </client>
macOS 🔵

Command:
Configuration:

Duplicate manager - Same protocols 🔴

AmazonLinux 🟢

Command:

WAZUH_MANAGER=wazuh-manager,wazuh-manager WAZUH_PROTOCOL=TCP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING yum install ./wazuh-agent-4.4.0-0.commit8eb0a41.x86_64.rpm

WAZUH_MANAGER=wazuh-manager,wazuh-manager WAZUH_PROTOCOL=tCP,tCp WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING yum install ./wazuh-agent-4.4.0-0.commit8eb0a41.x86_64.rpm

Configuration:
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
Ubuntu 🟢

Command:

WAZUH_MANAGER=wazuh-manager,wazuh-manager WAZUH_PROTOCOL=TCP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING apt-get install wazuh-agent

WAZUH_MANAGER=wazuh-manager,wazuh-manager WAZUH_PROTOCOL=tCP,tCp WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING apt-get install wazuh-agent
Configuration:
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
Windows 🔴

Command:

.\wazuh-agent.msi /q WAZUH_MANAGER=wazuh-manager,wazuh-manager WAZUH_PROTOCOL=TCP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING

.\wazuh-agent.msi /q WAZUH_MANAGER=wazuh-manager,wazuh-manager WAZUH_PROTOCOL=TCP,tCP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING
Configuration:
  <client>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <crypto_method>aes</crypto_method>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <enrollment>
        <enabled>yes</enabled>
        <agent_name>TESTING</agent_name>
    </enrollment>
  </client>
Expected :
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
macOS 🔵

Command:
Configuration:

All deployment variables at the same time with multiple addresses 🟢

AmazonLinux 🟢

Command: WAZUH_MANAGER=1.1.1.1,wazuh-manager,3.3.3.3,testing-manager,dns-manager,MANAGER-4 WAZUH_MANAGER_PORT=7777 WAZUH_PROTOCOL=udp WAZUH_REGISTRATION_SERVER=2.2.2.2 WAZUH_REGISTRATION_PORT=8888 WAZUH_REGISTRATION_PASSWORD=password WAZUH_KEEP_ALIVE_INTERVAL=10 WAZUH_TIME_RECONNECT=10 WAZUH_REGISTRATION_CA=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_CERTIFICATE=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_KEY=/var/ossec/etc/testsslmanager.key WAZUH_AGENT_NAME=test-agent WAZUH_AGENT_GROUP=test-group ENROLLMENT_DELAY=10 yum install ./wazuh-agent-4.4.0-0.commit8eb0a41.x86_64
Configuration:

  <client>
    <server>
      <address>1.1.1.1</address>
      <port>7777</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>wazuh-manager</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>3.3.3.3</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>testing-manager</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>dns-manager</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>MANAGER-4</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>amzn, amzn2</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>10</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>2.2.2.2</manager_address>
      <port>8888</port>
      <agent_name>test-agent</agent_name>
      <groups>test-group</groups>
      <server_ca_path>/var/ossec/etc/testsslmanager.cert</server_ca_path>
      <agent_certificate_path>/var/ossec/etc/testsslmanager.cert</agent_certificate_path>
      <agent_key_path>/var/ossec/etc/testsslmanager.key</agent_key_path>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
      <delay_after_enrollment>10</delay_after_enrollment>
    </enrollment>
  </client>

Ubuntu 🟢

Command: WAZUH_MANAGER=1.1.1.1,wazuh-manager,3.3.3.3,testing-manager,dns-manager,MANAGER-4 WAZUH_MANAGER_PORT=7777 WAZUH_PROTOCOL=udp WAZUH_REGISTRATION_SERVER=2.2.2.2 WAZUH_REGISTRATION_PORT=8888 WAZUH_REGISTRATION_PASSWORD=password WAZUH_KEEP_ALIVE_INTERVAL=10 WAZUH_TIME_RECONNECT=10 WAZUH_REGISTRATION_CA=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_CERTIFICATE=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_KEY=/var/ossec/etc/testsslmanager.key WAZUH_AGENT_NAME=test-agent WAZUH_AGENT_GROUP=test-group ENROLLMENT_DELAY=10 apt-get install ./wazuh-agent_4.4.0-0.commit8eb0a41_amd64.deb
Configuration:

  <client>
    <server>
      <address>1.1.1.1</address>
      <port>7777</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>wazuh-manager</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>3.3.3.3</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>testing-manager</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>dns-manager</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>MANAGER-4</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>ubuntu, ubuntu22, ubuntu22.04</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>10</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>2.2.2.2</manager_address>
      <port>8888</port>
      <agent_name>test-agent</agent_name>
      <groups>test-group</groups>
      <server_ca_path>/var/ossec/etc/testsslmanager.cert</server_ca_path>
      <agent_certificate_path>/var/ossec/etc/testsslmanager.cert</agent_certificate_path>
      <agent_key_path>/var/ossec/etc/testsslmanager.key</agent_key_path>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
      <delay_after_enrollment>10</delay_after_enrollment>
    </enrollment>
  </client>

Windows 🟢

Command: .\wazuh-agent.msi /q WAZUH_MANAGER=1.1.1.1,wazuh-manager,3.3.3.3,testing-manager,dns-manager,MANAGER-4 WAZUH_MANAGER_PORT=7777 WAZUH_PROTOCOL=udp WAZUH_REGISTRATION_SERVER=2.2.2.2 WAZUH_REGISTRATION_PORT=8888 WAZUH_REGISTRATION_PASSWORD=password WAZUH_KEEP_ALIVE_INTERVAL=10 WAZUH_TIME_RECONNECT=10 WAZUH_REGISTRATION_CA=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_CERTIFICATE=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_KEY=/var/ossec/etc/testsslmanager.key WAZUH_AGENT_NAME=test-agent WAZUH_AGENT_GROUP=test-group ENROLLMENT_DELAY=10
Configuration:

  <client>
    <server>
      <address>1.1.1.1</address>
      <port>7777</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>wazuh-manager</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>3.3.3.3</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>testing-manager</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>dns-manager</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>MANAGER-4</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <crypto_method>aes</crypto_method>
    <notify_time>10</notify_time>
    <time-reconnect>10</time-reconnect>
    <auto_restart>yes</auto_restart>
    <enrollment>
        <enabled>yes</enabled>
        <manager_address>2.2.2.2</manager_address>
        <port>8888</port>
        <authorization_pass_path>authd.pass</authorization_pass_path>
        <server_ca_path>/var/ossec/etc/testsslmanager.cert</server_ca_path>
        <agent_certificate_path>/var/ossec/etc/testsslmanager.cert</agent_certificate_path>
        <agent_key_path>/var/ossec/etc/testsslmanager.key</agent_key_path>
        <agent_name>test-agent</agent_name>
        <groups>test-group</groups>
        <delay_after_enrollment>10</delay_after_enrollment>
    </enrollment>
  </client>

macOS 🔵

Command:
Configuration:

All deployment variables at the same time with multiple addresses and protocols 🟢

AmazonLinux 🟢

Command: WAZUH_MANAGER=1.1.1.1,wazuh-manager,3.3.3.3,testing-manager,dns-manager,MANAGER-4 WAZUH_MANAGER_PORT=7777 WAZUH_PROTOCOL=udp,tcp,udp,tcp,udp,tcp,udp,tcp WAZUH_REGISTRATION_SERVER=2.2.2.2 WAZUH_REGISTRATION_PORT=8888 WAZUH_REGISTRATION_PASSWORD=password WAZUH_KEEP_ALIVE_INTERVAL=10 WAZUH_TIME_RECONNECT=10 WAZUH_REGISTRATION_CA=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_CERTIFICATE=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_KEY=/var/ossec/etc/testsslmanager.key WAZUH_AGENT_NAME=test-agent WAZUH_AGENT_GROUP=test-group ENROLLMENT_DELAY=10 yum install ./wazuh-agent-4.4.0-0.commit8eb0a41.x86_64.rpm
Configuration:
  <client>
    <server>
      <address>1.1.1.1</address>
      <port>7777</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>wazuh-manager</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>3.3.3.3</address>
      <port>7777</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>testing-manager</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>dns-manager</address>
      <port>7777</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>MANAGER-4</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>amzn, amzn2</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>10</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>2.2.2.2</manager_address>
      <port>8888</port>
      <agent_name>test-agent</agent_name>
      <groups>test-group</groups>
      <server_ca_path>/var/ossec/etc/testsslmanager.cert</server_ca_path>
      <agent_certificate_path>/var/ossec/etc/testsslmanager.cert</agent_certificate_path>
      <agent_key_path>/var/ossec/etc/testsslmanager.key</agent_key_path>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
      <delay_after_enrollment>10</delay_after_enrollment>
    </enrollment>
  </client>
Ubuntu 🟢

Command: WAZUH_MANAGER=1.1.1.1,wazuh-manager,3.3.3.3,testing-manager,dns-manager,MANAGER-4 WAZUH_MANAGER_PORT=7777 WAZUH_PROTOCOL=udp,tcp,udp,tcp,udp,tcp,udp,tcp WAZUH_REGISTRATION_SERVER=2.2.2.2 WAZUH_REGISTRATION_PORT=8888 WAZUH_REGISTRATION_PASSWORD=password WAZUH_KEEP_ALIVE_INTERVAL=10 WAZUH_TIME_RECONNECT=10 WAZUH_REGISTRATION_CA=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_CERTIFICATE=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_KEY=/var/ossec/etc/testsslmanager.key WAZUH_AGENT_NAME=test-agent WAZUH_AGENT_GROUP=test-group ENROLLMENT_DELAY=10 apt-get install ./wazuh-agent_4.4.0-0.commit8eb0a41_amd64.deb
Configuration:
  <client>
    <server>
      <address>1.1.1.1</address>
      <port>7777</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>wazuh-manager</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>3.3.3.3</address>
      <port>7777</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>testing-manager</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>dns-manager</address>
      <port>7777</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>MANAGER-4</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>ubuntu, ubuntu22, ubuntu22.04</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>10</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>2.2.2.2</manager_address>
      <port>8888</port>
      <agent_name>test-agent</agent_name>
      <groups>test-group</groups>
      <server_ca_path>/var/ossec/etc/testsslmanager.cert</server_ca_path>
      <agent_certificate_path>/var/ossec/etc/testsslmanager.cert</agent_certificate_path>
      <agent_key_path>/var/ossec/etc/testsslmanager.key</agent_key_path>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
      <delay_after_enrollment>10</delay_after_enrollment>
    </enrollment>
  </client>
Windows 🟢

Command: \wazuh-agent.msi /q WAZUH_MANAGER=1.1.1.1,wazuh-manager,3.3.3.3,testing-manager,dns-manager,MANAGER-4 WAZUH_MANAGER_PORT=7777 WAZUH_PROTOCOL=udp,tcp,udp,tcp,udp,tcp,udp,tcp WAZUH_REGISTRATION_SERVER=2.2.2.2 WAZUH_REGISTRATION_PORT=8888 WAZUH_REGISTRATION_PASSWORD=password WAZUH_KEEP_ALIVE_INTERVAL=10 WAZUH_TIME_RECONNECT=10 WAZUH_REGISTRATION_CA=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_CERTIFICATE=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_KEY=/var/ossec/etc/testsslmanager.key WAZUH_AGENT_NAME=test-agent WAZUH_AGENT_GROUP=test-group ENROLLMENT_DELAY=10
Configuration:
  <client>
    <server>
      <address>1.1.1.1</address>
      <port>7777</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>wazuh-manager</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>3.3.3.3</address>
      <port>7777</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>testing-manager</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>dns-manager</address>
      <port>7777</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>MANAGER-4</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <crypto_method>aes</crypto_method>
    <notify_time>10</notify_time>
    <time-reconnect>10</time-reconnect>
    <auto_restart>yes</auto_restart>
    <enrollment>
        <enabled>yes</enabled>
        <manager_address>2.2.2.2</manager_address>
        <port>8888</port>
        <authorization_pass_path>authd.pass</authorization_pass_path>
        <server_ca_path>/var/ossec/etc/testsslmanager.cert</server_ca_path>
        <agent_certificate_path>/var/ossec/etc/testsslmanager.cert</agent_certificate_path>
        <agent_key_path>/var/ossec/etc/testsslmanager.key</agent_key_path>
        <agent_name>test-agent</agent_name>
        <groups>test-group</groups>
        <delay_after_enrollment>10</delay_after_enrollment>
    </enrollment>
  </client>
macOS 🔵

Command:
Configuration:

Test each deployment variable individually: WAZUH_MANAGER 🔴

AmazonLinux 🟢

Command: WAZUH_MANAGER="1,2,3,4,5,6,7,8,9,1,2,3,4,5,6,7,8,9,,,,,,,,,,,1,12" yum install ./wazuh-agent-4.4.0-0.commit8eb0a41.x86_64.rpm
Configuration:

  <client>
    <server>
      <address>1</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>12</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>2</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>3</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>4</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>5</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>6</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>7</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>8</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>9</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>amzn, amzn2</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>1</manager_address>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Ubuntu 🟢

Command: WAZUH_MANAGER="1,2,3,4,5,6,7,8,9,1,2,3,4,5,6,7,8,9,,,,,,,,,,,1,12" apt-get install ./wazuh-agent_4.4.0-0.commit8eb0a41_amd64.deb
Configuration:

  <client>
    <server>
      <address>1</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>12</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>2</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>3</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>4</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>5</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>6</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>7</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>8</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>9</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>ubuntu, ubuntu22, ubuntu22.04</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>1</manager_address>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Windows 🔴

Invalid configuration. Windows agent instalation does not skip empty addressess

Command: .\wazuh-agent.msi /q WAZUH_MANAGER="1,2,3,4,5,6,7,8,9,1,2,3,4,5,6,7,8,9,,,,,,,,,,,1,12"
Configuration:

  <client>
    <server>
      <address>1</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>2</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>3</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>4</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>5</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>6</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>7</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>8</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>9</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address></address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>12</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <crypto_method>aes</crypto_method>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
  </client>

macOS 🔵

Command:
Configuration:

Test deployment variables using multiple addresses and 1 protocol 🟢

AmazonLinux 🟢

Command: WAZUH_MANAGER=wazuh-manager,wazuh-manager2,4.4.4.4,1.2.1.3,dns-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING yum install ./wazuh-agent-4.4.0-0.commitd677dd2.x86_64.rpm`
Configuration:

  <client>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>wazuh-manager2</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>4.4.4.4</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>1.2.1.3</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>dns-manager</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>amzn, amzn2</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>wazuh-manager</manager_address>
      <agent_name>TESTING</agent_name>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Ubuntu 🟢

Command: WAZUH_MANAGER=wazuh-manager,wazuh-manager2,4.4.4.4,1.2.1.3,dns-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING apt-get install ./wazuh-agent_4.4.0-0.commit8eb0a41_amd64.deb
Configuration:

  <client>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>wazuh-manager2</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>4.4.4.4</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>1.2.1.3</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>dns-manager</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>ubuntu, ubuntu22, ubuntu22.04</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>wazuh-manager</manager_address>
      <agent_name>TESTING</agent_name>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Windows 🟢

Command: .\wazuh-agent.msi /q WAZUH_MANAGER=wazuh-manager,wazuh-manager2,4.4.4.4,1.2.1.3,dns-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING
Configuration:

  <client>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>wazuh-manager2</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>4.4.4.4</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>1.2.1.3</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>dns-manager</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <crypto_method>aes</crypto_method>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <enrollment>
        <enabled>yes</enabled>
        <agent_name>TESTING</agent_name>
    </enrollment>
  </client>

macOS 🔵

Command:
Configuration:

Test deployment variables using 1 address and multiple protocols 🟢

AmazonLinux 🟢

Command: WAZUH_MANAGER=wazuh-manager WAZUH_PROTOCOL=UDP,TCP,TPC,UPC,UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING yum install ./wazuh-agent-4.4.0-0.commit8eb0a41.x86_64.rpm
Configuration:

  <client>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>udp</protocol>
    </server>
    <config-profile>amzn, amzn2</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>wazuh-manager</manager_address>
      <agent_name>TESTING</agent_name>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Ubuntu 🟢

Command: WAZUH_MANAGER=wazuh-manager WAZUH_PROTOCOL=UDP,TCP,TPC,UPC,UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING apt-get install ./wazuh-agent_4.4.0-0.commit8eb0a41_amd64.deb
Configuration:

  <client>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>udp</protocol>
    </server>
    <config-profile>ubuntu, ubuntu22, ubuntu22.04</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>wazuh-manager</manager_address>
      <agent_name>TESTING</agent_name>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Windows 🟢

Command: .\wazuh-agent.msi /q WAZUH_MANAGER=wazuh-manager WAZUH_PROTOCOL=UDP,TCP,TPC,UPC,UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING
Configuration:

  <client>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>udp</protocol>
    </server>
    <crypto_method>aes</crypto_method>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <enrollment>
        <enabled>yes</enabled>
        <agent_name>TESTING</agent_name>
    </enrollment>
  </client>

macOS 🔵

Command:
Configuration:

Test deployment variables using 1 address and 1 protocol 🟢

AmazonLinux 🟢

Command: WAZUH_MANAGER=wazuh-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING yum install ./wazuh-agent-4.4.0-0.commitd677dd2.x86_64.rpm`
Configuration:

  <client>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>udp</protocol>
    </server>
    <config-profile>amzn, amzn2</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>wazuh-manager</manager_address>
      <agent_name>TESTING</agent_name>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Ubuntu 🟢

Command: WAZUH_MANAGER=wazuh-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING apt-get install ./wazuh-agent_4.4.0-0.commit8eb0a41_amd64.deb
Configuration:

  <client>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>udp</protocol>
    </server>
    <config-profile>ubuntu, ubuntu22, ubuntu22.04</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>wazuh-manager</manager_address>
      <agent_name>TESTING</agent_name>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Windows 🟢

Command: .\wazuh-agent.msi /q WAZUH_MANAGER=wazuh-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING
Configuration:

  <client>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>udp</protocol>
    </server>
    <crypto_method>aes</crypto_method>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <enrollment>
        <enabled>yes</enabled>
        <agent_name>TESTING</agent_name>
    </enrollment>
  </client>

macOS 🔵

Command:
Configuration:

…ting uniques Reported here: wazuh/wazuh-qa#3400 (comment)

Rebits · 2022-10-24T15:31:04Z

Update - 24/10/2022

Third Review

…ting uniques Reported here: wazuh/wazuh-qa#3400 (comment)

Rebits · 2022-11-04T10:01:32Z

Testing after requested changes

Tester: @Rebits
PR commit: wazuh/wazuh@b87cfdb

Results 🔴

Multiple addresses and protocols 🟢

AmazonLinux 🟢

Command: WAZUH_MANAGER=3.3.3.3,2.2.2.2,1.1.1.1 WAZUH_PROTOCOL=UDP,UDP,TCP yum install wazuh-agent-4.4.0.rpm
Configuration:

  <client>
    <server>
      <address>3.3.3.3</address>
      <port>1514</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>2.2.2.2</address>
      <port>1514</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>1.1.1.1</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>amzn, amzn2</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>3.3.3.3</manager_address>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Ubuntu 🟢

Command: WAZUH_MANAGER=3.3.3.3,2.2.2.2,1.1.1.1 WAZUH_PROTOCOL=UDP,UDP,TCP apt-get install ./wazuh-agent_4.4.0.deb
Configuration:

  <client>
    <server>
      <address>3.3.3.3</address>
      <port>1514</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>2.2.2.2</address>
      <port>1514</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>1.1.1.1</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>ubuntu, ubuntu22, ubuntu22.04</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>3.3.3.3</manager_address>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Windows 🟢

Command: .\wazuh-agent.msi /q WAZUH_MANAGER=3.3.3.3,2.2.2.2,1.1.1.1 WAZUH_PROTOCOL=UDP,UDP,TCP
Configuration:

  <client>
    <server>
      <address>3.3.3.3</address>
      <port>1514</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>2.2.2.2</address>
      <port>1514</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>1.1.1.1</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <crypto_method>aes</crypto_method>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
  </client>

macOS 🟢

Command: launchctl setenv WAZUH_MANAGER "3.3.3.3,2.2.2.2,1.1.1.1" WAZUH_PROTOCOL "UDP,UDP,TCP" && installer -pkg wazuh-agent-4.4.0.pkg -target /
Configuration:

  <client>
    <server>
      <address>3.3.3.3</address>
      <port>1514</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>2.2.2.2</address>
      <port>1514</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>1.1.1.1</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>darwin, darwin21, darwin21.1</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>3.3.3.3</manager_address>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Test deployment variables using multiple addresses and 1 protocol 🟢

AmazonLinux 🟢

Command: WAZUH_MANAGER=wazuh-manager,wazuh-manager2,4.4.4.4,1.2.1.3,dns-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING yum install ./wazuh-agent-4.4.0.rpm
Configuration:

  <client>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>wazuh-manager2</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>4.4.4.4</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>1.2.1.3</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>dns-manager</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>amzn, amzn2</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>wazuh-manager</manager_address>
      <agent_name>TESTING</agent_name>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Ubuntu 🟢

Command: ``WAZUH_MANAGER=wazuh-manager,wazuh-manager2,4.4.4.4,1.2.1.3,dns-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING apt-get install ./wazuh-agent_4.4.0.deb`
Configuration:

  <client>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>wazuh-manager2</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>4.4.4.4</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>1.2.1.3</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>dns-manager</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>ubuntu, ubuntu22, ubuntu22.04</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>wazuh-manager</manager_address>
      <agent_name>TESTING</agent_name>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Windows 🔴

Command: .\wazuh-agent.msi /q WAZUH_MANAGER=wazuh-manager,wazuh-manager2,4.4.4.4,1.2.1.3,dns-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING
Configuration:

  <client>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>wazuh-manager2</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>4.4.4.4</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>1.2.1.3</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>dns-manager</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <crypto_method>aes</crypto_method>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <enrollment>
        <enabled>yes</enabled>
        <agent_name>TESTING</agent_name>
    </enrollment>
  </client>

macOS 🟢

Command:
Configuration:

Duplicate manager - Different protocols 🟢

AmazonLinux 🟢

Command: WAZUH_MANAGER=wazuh-manager,wazuh-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING yum install ./wazuh-agent-4.4.0-0.rpm
Configuration:

  <client>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>amzn, amzn2</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>wazuh-manager</manager_address>
      <agent_name>TESTING</agent_name>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Ubuntu 🟢

Command: WAZUH_MANAGER=wazuh-manager,wazuh-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING apt-get install ./wazuh-agent_4.4.0.deb
Configuration:

  <client>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>ubuntu, ubuntu22, ubuntu22.04</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>wazuh-manager</manager_address>
      <agent_name>TESTING</agent_name>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Windows 🔴

Command: .\wazuh-agent.msi /q WAZUH_MANAGER=wazuh-manager,wazuh-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING
Configuration:

  <client>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <crypto_method>aes</crypto_method>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <enrollment>
        <enabled>yes</enabled>
        <agent_name>TESTING</agent_name>
    </enrollment>
  </client>

macOS 🔵

Command:
Configuration:

Duplicate manager - Same protocols 🔴

AmazonLinux 🔴

Managers are disordered in the case of using the same protocol:

Command: WAZUH_MANAGER=wazuh-manager,testing WAZUH_PROTOCOL=TCP,tCP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING yum install ./wazuh-agent-4.4.0.rpm
Configuration:
    <server>
      <address>testing</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>

Conclusion 🔴

Managers are disordered in case of using the same protocol. The order of the managers specified in the configuration is important due to it determinate the registration/connection order among all the managers configured in the agent 🔴.

Rebits · 2022-11-04T17:48:21Z

Update - 04/11/2022

After talking with @DFolchA we have proposed removing duplicated managers for the same protocols using the following logic

            ADDRESSES=( $(echo "${ADDRESSES[@]}" |  tr ' ' '\n' | cat -n | sort -uk2 | sort -n | cut -f2- | tr '\n' ' ') )

Rebits · 2022-11-04T17:49:06Z

Update - 04/11/2022

Fourth manual testing

Rebits · 2022-11-07T13:03:07Z

Testing after requested changes 🔴

Tester: @Rebits
PR commit: wazuh/wazuh@aa84575

Results

Multiple addresses and protocols 🟢

AmazonLinux 🟢

Command: WAZUH_MANAGER=3.3.3.3,2.2.2.2,1.1.1.1 WAZUH_PROTOCOL=UDP,UDP,TCP yum install wazuh-agent-4.4.0.rpm`
Configuration:

  <client>
    <server>
      <address>3.3.3.3</address>
      <port>1514</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>2.2.2.2</address>
      <port>1514</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>1.1.1.1</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>amzn, amzn2</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>3.3.3.3</manager_address>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Ubuntu 🟢

Command: WAZUH_MANAGER=3.3.3.3,2.2.2.2,1.1.1.1 WAZUH_PROTOCOL=UDP,UDP,TCP apt-get install ./wazuh-agent_4.4.0.deb
Configuration:

  <client>
    <server>
      <address>3.3.3.3</address>
      <port>1514</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>2.2.2.2</address>
      <port>1514</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>1.1.1.1</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>ubuntu, ubuntu22, ubuntu22.04</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>3.3.3.3</manager_address>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Windows 🟢

Command: .\wazuh-agent.msi /q WAZUH_MANAGER=3.3.3.3,2.2.2.2,1.1.1.1 WAZUH_PROTOCOL=UDP,UDP,TCP
Configuration:

  <client>
    <server>
      <address>3.3.3.3</address>
      <port>1514</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>2.2.2.2</address>
      <port>1514</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>1.1.1.1</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <crypto_method>aes</crypto_method>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
  </client>

macOS 🟢

Command: launchctl setenv WAZUH_MANAGER "3.3.3.3,2.2.2.2,1.1.1.1" WAZUH_PROTOCOL "udp,udp,tcp" && installer -pkg wazuh-agent-4.4.0.pkg -target / -verbose
Configuration:

  <client>
    <server>
      <address>3.3.3.3</address>
      <port>1514</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>2.2.2.2</address>
      <port>1514</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>1.1.1.1</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>darwin, darwin21, darwin21.1</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>3.3.3.3</manager_address>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Test deployment variables using multiple addresses and 1 protocol 🟢

AmazonLinux 🟢

Command: WAZUH_MANAGER=wazuh-manager,wazuh-manager2,4.4.4.4,1.2.1.3,dns-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING yum install ./wazuh-agent-4.4.0.rpm
Configuration:

  <client>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>wazuh-manager2</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>4.4.4.4</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>1.2.1.3</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>dns-manager</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>amzn, amzn2</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>wazuh-manager</manager_address>
      <agent_name>TESTING</agent_name>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Ubuntu 🟢

Command: WAZUH_MANAGER=wazuh-manager,wazuh-manager2,4.4.4.4,1.2.1.3,dns-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING apt-get install ./wazuh-agent_4.4.0.deb
Configuration:

  <client>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>wazuh-manager2</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>4.4.4.4</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>1.2.1.3</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>dns-manager</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>ubuntu, ubuntu22, ubuntu22.04</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>wazuh-manager</manager_address>
      <agent_name>TESTING</agent_name>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Windows 🟢

Command: .\wazuh-agent.msi /q WAZUH_MANAGER=wazuh-manager,wazuh-manager2,4.4.4.4,1.2.1.3,dns-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTIN
Configuration:

  <client>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>wazuh-manager2</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>4.4.4.4</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>1.2.1.3</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>dns-manager</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <crypto_method>aes</crypto_method>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <enrollment>
        <enabled>yes</enabled>
        <agent_name>TESTIN</agent_name>
    </enrollment>
  </client>

macOS 🟢

Command: launchctl setenv WAZUH_MANAGER "wazuh-manager,wazuh-manager2,4.4.4.4,1.2.1.3,dns-manager" WAZUH_PROTOCOL "udp" WAZUH_AGENT_NAME "TESTING" && installer -pkg wazuh-agent-4.4.0.pkg -target / -verbose

Configuration:

  <client>
    <server>
      <address>wazuh-manager</address>
      <port>1514</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>wazuh-manager2</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>4.4.4.4</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>1.2.1.3</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>dns-manager</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>darwin, darwin21, darwin21.1</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>wazuh-manager</manager_address>
      <agent_name>TESTING</agent_name>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Duplicated manager - Different protocols 🟢

AmazonLinux 🟢

Command: WAZUH_MANAGER=wazuh-manager,wazuh-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING yum install ./wazuh-agent-4.4.0-0.rpm
Configuration:

  <client>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>amzn, amzn2</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>wazuh-manager</manager_address>
      <agent_name>TESTING</agent_name>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Ubuntu 🟢

Command: WAZUH_MANAGER=wazuh-manager,wazuh-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING apt-get install ./wazuh-agent_4.4.0.deb
Configuration:

  <client>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>ubuntu, ubuntu22, ubuntu22.04</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>wazuh-manager</manager_address>
      <agent_name>TESTING</agent_name>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Windows 🟢

Command: .\wazuh-agent.msi /q WAZUH_MANAGER=wazuh-manager,wazuh-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING
Configuration:

  <client>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <crypto_method>aes</crypto_method>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <enrollment>
        <enabled>yes</enabled>
        <agent_name>TESTING</agent_name>
    </enrollment>
  </client>

macOS 🟢

macOS 🔵

Command: launchctl setenv WAZUH_MANAGER "wazuh-manager,wazuh-manager" WAZUH_PROTOCOL "udp" WAZUH_AGENT_NAME "test-agent" WAZUH_AGENT_GROUP "test-group" && installer -pkg wazuh-agent-4.4.0-0.pkg -target /;

Configuration:

  <client>
    <server>
      <address>wazuh-manager</address>
      <port>1514</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>wazuh-manager</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>darwin, darwin21, darwin21.1</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>wazuh-manager</manager_address>
      <agent_name>test-agent</agent_name>
      <groups>test-group</groups>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Duplicated manager - Same protocols 🟢

AmazonLinux 🟢

Command: WAZUH_MANAGER=wazuh-manager,wazuh-manager WAZUH_PROTOCOL=TCP,tCP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING yum install ./wazuh-agent-4.4.0.rpm
Configuration:

  <client>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>amzn, amzn2</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>wazuh-manager</manager_address>
      <agent_name>TESTING</agent_name>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Ubuntu 🟢

Command: WAZUH_MANAGER=wazuh-manager,wazuh-manager WAZUH_PROTOCOL=TCP,tCP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING apt-get install ./wazuh-agent_4.4.0.deb
Configuration:

  <client>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>ubuntu, ubuntu22, ubuntu22.04</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>wazuh-manager</manager_address>
      <agent_name>TESTING</agent_name>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Windows 🟢

Command: .\wazuh-agent.msi /q WAZUH_MANAGER=wazuh-manager,wazuh-manager WAZUH_PROTOCOL=tcp,TCP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING
Configuration:


  <client>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <crypto_method>aes</crypto_method>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <enrollment>
        <enabled>yes</enabled>
        <agent_name>TESTING</agent_name>
    </enrollment>
  </client>

macOS 🟢

Command: launchctl setenv WAZUH_MANAGER "wazuh-manager,wazuh-manager" WAZUH_PROTOCOL "TCP,tcp" WAZUH_MANAGER_PORT "444" WAZUH_AGENT_NAME "TESTING" && installer -pkg wazuh-agent-4.4.0.pkg -target /
Configuration:

  <client>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>darwin, darwin21, darwin21.1</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>wazuh-manager</manager_address>
      <agent_name>TESTING</agent_name>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

All deployment variables at the same time with multiple addresses 🟢

AmazonLinux 🟢

Command: WAZUH_MANAGER=1.1.1.1,wazuh-manager,3.3.3.3,testing-manager,dns-manager,MANAGER-4 WAZUH_MANAGER_PORT=7777 WAZUH_PROTOCOL=udp WAZUH_REGISTRATION_SERVER=2.2.2.2 WAZUH_REGISTRATION_PORT=8888 WAZUH_REGISTRATION_PASSWORD=password WAZUH_KEEP_ALIVE_INTERVAL=10 WAZUH_TIME_RECONNECT=10 WAZUH_REGISTRATION_CA=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_CERTIFICATE=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_KEY=/var/ossec/etc/testsslmanager.key WAZUH_AGENT_NAME=test-agent WAZUH_AGENT_GROUP=test-group ENROLLMENT_DELAY=10 yum install ./wazuh-agent-4.4.0-0.commit8eb0a41.x86_64
Configuration:
  <client>
    <server>
      <address>1.1.1.1</address>
      <port>7777</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>wazuh-manager</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>3.3.3.3</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>testing-manager</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>dns-manager</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>MANAGER-4</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>amzn, amzn2</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>10</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>2.2.2.2</manager_address>
      <port>8888</port>
      <agent_name>test-agent</agent_name>
      <groups>test-group</groups>
      <server_ca_path>/var/ossec/etc/testsslmanager.cert</server_ca_path>
      <agent_certificate_path>/var/ossec/etc/testsslmanager.cert</agent_certificate_path>
      <agent_key_path>/var/ossec/etc/testsslmanager.key</agent_key_path>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
      <delay_after_enrollment>10</delay_after_enrollment>
    </enrollment>
  </client>
Ubuntu 🟢

Command: WAZUH_MANAGER=1.1.1.1,wazuh-manager,3.3.3.3,testing-manager,dns-manager,MANAGER-4 WAZUH_MANAGER_PORT=7777 WAZUH_PROTOCOL=udp WAZUH_REGISTRATION_SERVER=2.2.2.2 WAZUH_REGISTRATION_PORT=8888 WAZUH_REGISTRATION_PASSWORD=password WAZUH_KEEP_ALIVE_INTERVAL=10 WAZUH_TIME_RECONNECT=10 WAZUH_REGISTRATION_CA=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_CERTIFICATE=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_KEY=/var/ossec/etc/testsslmanager.key WAZUH_AGENT_NAME=test-agent WAZUH_AGENT_GROUP=test-group ENROLLMENT_DELAY=10 apt-get install ./wazuh-agent_4.4.0-0.commit8eb0a41_amd64.deb
Configuration:
  <client>
    <server>
      <address>1.1.1.1</address>
      <port>7777</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>wazuh-manager</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>3.3.3.3</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>testing-manager</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>dns-manager</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>MANAGER-4</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>ubuntu, ubuntu22, ubuntu22.04</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>10</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>2.2.2.2</manager_address>
      <port>8888</port>
      <agent_name>test-agent</agent_name>
      <groups>test-group</groups>
      <server_ca_path>/var/ossec/etc/testsslmanager.cert</server_ca_path>
      <agent_certificate_path>/var/ossec/etc/testsslmanager.cert</agent_certificate_path>
      <agent_key_path>/var/ossec/etc/testsslmanager.key</agent_key_path>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
      <delay_after_enrollment>10</delay_after_enrollment>
    </enrollment>
  </client>
Windows 🟢

Command: .\wazuh-agent.msi /q WAZUH_MANAGER=1.1.1.1,wazuh-manager,3.3.3.3,testing-manager,dns-manager,MANAGER-4 WAZUH_MANAGER_PORT=7777 WAZUH_REGISTRATION_SERVER=2.2.2.2 WAZUH_REGISTRATION_PORT=8888 WAZUH_REGISTRATION_PASSWORD=password WAZUH_KEEP_ALIVE_INTERVAL=10 WAZUH_TIME_RECONNECT=10 WAZUH_REGISTRATION_CA=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_CERTIFICATE=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_KEY=/var/ossec/etc/testsslmanager.key WAZUH_AGENT_NAME=test-agent
Configuration:
  <client>
    <server>
      <address>1.1.1.1</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>wazuh-manager</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>3.3.3.3</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>testing-manager</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>dns-manager</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>MANAGER-4</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <crypto_method>aes</crypto_method>
    <notify_time>10</notify_time>
    <time-reconnect>10</time-reconnect>
    <auto_restart>yes</auto_restart>
    <enrollment>
        <enabled>yes</enabled>
        <manager_address>2.2.2.2</manager_address>
        <port>8888</port>
        <authorization_pass_path>authd.pass</authorization_pass_path>
        <server_ca_path>/var/ossec/etc/testsslmanager.cert</server_ca_path>
        <agent_certificate_path>/var/ossec/etc/testsslmanager.cert</agent_certificate_path>
        <agent_key_path>/var/ossec/etc/testsslmanager.key</agent_key_path>
        <agent_name>test-agent</agent_name>
    </enrollment>
  </client>
macOS 🟢

Command: setenv WAZUH_MANAGER "1.1.1.1,wazuh-manager,3.3.3.3,testing-manager,dns-manager,MANAGER-4" WAZUH_MANAGER_PORT "7777" WAZUH_PROTOCOL "udp" WAZUH_REGISTRATION_SERVER "2.2.2.2" WAZUH_REGISTRATION_PORT "8888" WAZUH_REGISTRATION_PASSWORD "password" WAZUH_KEEP_ALIVE_INTERVAL "10" WAZUH_TIME_RECONNECT "10" WAZUH_REGISTRATION_CA "/var/ossec/etc/testsslmanager.cert" WAZUH_REGISTRATION_CERTIFICATE "/var/ossec/etc/testsslmanager.cert" WAZUH_REGISTRATION_KEY "/var/ossec/etc/testsslmanager.key" WAZUH_AGENT_NAME "test-agent" WAZUH_AGENT_GROUP "test-group" ENROLLMENT_DELAY "10" && installer -pkg wazuh-agent-4.4.0-0.commitd677dd2.pkg -target /;

Configuration:
  <client>
    <server>
      <address>1.1.1.1</address>
      <port>7777</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>3.3.3.3</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>MANAGER-4</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>dns-manager</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>testing-manager</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>wazuh-manager</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>darwin, darwin21, darwin21.1</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>10</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>2.2.2.2</manager_address>
      <port>8888</port>
      <agent_name>test-agent</agent_name>
      <groups>test-group</groups>
      <server_ca_path>/var/ossec/etc/testsslmanager.cert</server_ca_path>
      <agent_certificate_path>/var/ossec/etc/testsslmanager.cert</agent_certificate_path>
      <agent_key_path>/var/ossec/etc/testsslmanager.key</agent_key_path>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
      <delay_after_enrollment>10</delay_after_enrollment>
    </enrollment>
  </client>
</details>



</blockquote>

</details>



<details>

<summary> All deployment variables at the same time with multiple addresses and protocols :green_circle:</summary>

<blockquote>


<details>

<summary> AmazonLinux  :green_circle:  </summary>


**Command**:  `WAZUH_MANAGER=1.1.1.1,wazuh-manager,3.3.3.3,testing-manager,dns-manager,MANAGER-4 WAZUH_MANAGER_PORT=7777 WAZUH_PROTOCOL=udp,tcp,udp,tcp,udp,tcp,udp,tcp WAZUH_REGISTRATION_SERVER=2.2.2.2 WAZUH_REGISTRATION_PORT=8888 WAZUH_REGISTRATION_PASSWORD=password WAZUH_KEEP_ALIVE_INTERVAL=10 WAZUH_TIME_RECONNECT=10 WAZUH_REGISTRATION_CA=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_CERTIFICATE=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_KEY=/var/ossec/etc/testsslmanager.key WAZUH_AGENT_NAME=test-agent WAZUH_AGENT_GROUP=test-group ENROLLMENT_DELAY=10 yum install ./wazuh-agent-4.4.0-0.commit8eb0a41.x86_64.rpm`
**Configuration**:
<ossec_config>

1.1.1.1
7777
udp

wazuh-manager
7777
tcp

3.3.3.3
7777
udp

testing-manager
7777
tcp

dns-manager
7777
udp

MANAGER-4
7777
tcp

amzn, amzn2
<notify_time>10</notify_time>
10
<auto_restart>yes</auto_restart>
<crypto_method>aes</crypto_method>

yes
<manager_address>2.2.2.2</manager_address>
8888
<agent_name>test-agent</agent_name>
test-group
<server_ca_path>/var/ossec/etc/testsslmanager.cert</server_ca_path>
<agent_certificate_path>/var/ossec/etc/testsslmanager.cert</agent_certificate_path>
<agent_key_path>/var/ossec/etc/testsslmanager.key</agent_key_path>
<authorization_pass_path>etc/authd.pass</authorization_pass_path>
<delay_after_enrollment>10</delay_after_enrollment>
</details>


<details>

<summary> Ubuntu :green_circle:  </summary>


**Command**:  `WAZUH_MANAGER=1.1.1.1,wazuh-manager,3.3.3.3,testing-manager,dns-manager,MANAGER-4 WAZUH_MANAGER_PORT=7777 WAZUH_PROTOCOL=udp,tcp,udp,tcp,udp,tcp,udp,tcp WAZUH_REGISTRATION_SERVER=2.2.2.2 WAZUH_REGISTRATION_PORT=8888 WAZUH_REGISTRATION_PASSWORD=password WAZUH_KEEP_ALIVE_INTERVAL=10 WAZUH_TIME_RECONNECT=10 WAZUH_REGISTRATION_CA=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_CERTIFICATE=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_KEY=/var/ossec/etc/testsslmanager.key WAZUH_AGENT_NAME=test-agent WAZUH_AGENT_GROUP=test-group ENROLLMENT_DELAY=10 apt-get install ./wazuh-agent_4.4.0-0.commit8eb0a41_amd64.deb`
**Configuration**:
1.1.1.1 7777 udp wazuh-manager 7777 tcp 3.3.3.3 7777 udp testing-manager 7777 tcp dns-manager 7777 udp MANAGER-4 7777 tcp ubuntu, ubuntu22, ubuntu22.04 10 10 yes aes yes 2.2.2.2 8888 test-agent test-group /var/ossec/etc/testsslmanager.cert /var/ossec/etc/testsslmanager.cert /var/ossec/etc/testsslmanager.key etc/authd.pass 10 ```
Windows 🟢

Command: .\wazuh-agent.msi /q WAZUH_MANAGER=1.1.1.1,wazuh-manager,3.3.3.3,testing-manager,dns-manager,MANAGER-4 WAZUH_MANAGER_PORT=7777 WAZUH_PROTOCOL=udp,tcp,udp,tcp,udp,tcp,udp,tcp WAZUH_REGISTRATION_SERVER=2.2.2.2 WAZUH_REGISTRATION_PORT=8888 WAZUH_REGISTRATION_PASSWORD=password WAZUH_KEEP_ALIVE_INTERVAL=10 WAZUH_TIME_RECONNECT=10 WAZUH_REGISTRATION_CA=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_CERTIFICATE=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_KEY=/var/ossec/etc/testsslmanager.key WAZUH_AGENT_NAME=test-agent
Configuration:
<ossec_config>

  <client>
    <server>
      <address>1.1.1.1</address>
      <port>7777</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>wazuh-manager</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>3.3.3.3</address>
      <port>7777</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>testing-manager</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>dns-manager</address>
      <port>7777</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>MANAGER-4</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <crypto_method>aes</crypto_method>
    <notify_time>10</notify_time>
    <time-reconnect>10</time-reconnect>
    <auto_restart>yes</auto_restart>
    <enrollment>
        <enabled>yes</enabled>
        <manager_address>2.2.2.2</manager_address>
        <port>8888</port>
        <authorization_pass_path>authd.pass</authorization_pass_path>
        <server_ca_path>/var/ossec/etc/testsslmanager.cert</server_ca_path>
        <agent_certificate_path>/var/ossec/etc/testsslmanager.cert</agent_certificate_path>
        <agent_key_path>/var/ossec/etc/testsslmanager.key</agent_key_path>
        <agent_name>test-agent</agent_name>
    </enrollment>
  </client>
macOS 🟢

Command: setenv WAZUH_MANAGER "1.1.1.1,wazuh-manager,3.3.3.3,testing-manager,dns-manager,MANAGER-4" WAZUH_MANAGER_PORT "7777" WAZUH_PROTOCOL "udp,tcp,udp,tcp,udp,tcp,udp,tcp" WAZUH_REGISTRATION_SERVER "2.2.2.2" WAZUH_REGISTRATION_PORT "8888" WAZUH_REGISTRATION_PASSWORD "password" WAZUH_KEEP_ALIVE_INTERVAL "10" WAZUH_TIME_RECONNECT "10" WAZUH_REGISTRATION_CA "/var/ossec/etc/testsslmanager.cert" WAZUH_REGISTRATION_CERTIFICATE "/var/ossec/etc/testsslmanager.cert" WAZUH_REGISTRATION_KEY "/var/ossec/etc/testsslmanager.key" WAZUH_AGENT_NAME "test-agent" WAZUH_AGENT_GROUP "test-group" ENROLLMENT_DELAY "10" && installer -pkg wazuh-agent-4.4.0-0.commitd677dd2.pkg -target /;
Configuration:
  <client>
    <server>
      <address>1.1.1.1</address>
      <port>7777</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>3.3.3.3</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>MANAGER-4</address>
      <port>7777</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>dns-manager</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>testing-manager</address>
      <port>7777</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>wazuh-manager</address>
      <port>7777</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>darwin, darwin21, darwin21.1</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>10</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>2.2.2.2</manager_address>
      <port>8888</port>
      <agent_name>test-agent</agent_name>
      <groups>test-group</groups>
      <server_ca_path>/var/ossec/etc/testsslmanager.cert</server_ca_path>
      <agent_certificate_path>/var/ossec/etc/testsslmanager.cert</agent_certificate_path>
      <agent_key_path>/var/ossec/etc/testsslmanager.key</agent_key_path>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
      <delay_after_enrollment>10</delay_after_enrollment>
    </enrollment>
  </client>

Test each deployment variable individually: WAZUH_MANAGER 🟢

AmazonLinux 🟢

Command: WAZUH_MANAGER="1,2,3,4,5,6,7,8,9,1,2,3,4,5,6,7,8,9,,,,,,,,,,,1,12" yum install ./wazuh-agent-4.4.0-0.commit8eb0a41.x86_64.rpm
Configuration:

  <client>
    <server>
      <address>1</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>2</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>3</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>4</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>5</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>6</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>7</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>8</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>9</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>12</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>amzn, amzn2</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>1</manager_address>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Ubuntu 🟢

Command: WAZUH_MANAGER="1,2,3,4,5,6,7,8,9,1,2,3,4,5,6,7,8,9,,,,,,,,,,,1,12" apt-get install ./wazuh-agent_4.4.0.deb
Configuration:

  <client>
    <server>
      <address>1</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>2</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>3</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>4</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>5</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>6</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>7</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>8</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>9</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>12</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>ubuntu, ubuntu22, ubuntu22.04</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>1</manager_address>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Windows 🟢

Command: .\wazuh-agent.msi /q WAZUH_MANAGER="1,2,3,4,5,6,7,8,9,1,2,3,4,5,6,7,8,9,,,,,,,,,,,1,12"
Configuration:

  <client>
    <server>
      <address>1</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>2</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>3</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>4</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>5</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>6</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>7</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>8</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>9</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>12</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <crypto_method>aes</crypto_method>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
  </client>

macOS 🟢

Command: launchctl setenv WAZUH_MANAGER "1,2,3,4,5,6,7,8,9,1,2,3,4,5,6,7,8,9,,,,,,,,,,,1,12" && installer -pkg wazuh-agent-4.4.0-0.pkg -target /;
Configuration:

  <client>
    <server>
      <address>1</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>2</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>3</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>4</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>5</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>6</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>7</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>8</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>9</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>12</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>darwin, darwin21, darwin21.1</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>1</manager_address>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Test deployment variables using 1 address and 1 protocol 🟢

AmazonLinux 🟢

Command: WAZUH_MANAGER=wazuh-manager,wazuh-manager2,4.4.4.4,1.2.1.3,dns-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING yum install ./wazuh-agent-4.4.0-0.commitd677dd2.x86_64.rpm
Configuration:

<ossec_config>
  <client>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>wazuh-manager2</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>4.4.4.4</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>1.2.1.3</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>dns-manager</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>amzn, amzn2</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>wazuh-manager</manager_address>
      <agent_name>TESTING</agent_name>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Ubuntu 🟢

Command: WAZUH_MANAGER=wazuh-manager,wazuh-manager2,4.4.4.4,1.2.1.3,dns-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING apt-get install ./wazuh-agent_4.4.0-0.commit8eb0a41_amd64.deb
Configuration:

  <client>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>wazuh-manager2</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>4.4.4.4</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>1.2.1.3</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>dns-manager</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>ubuntu, ubuntu22, ubuntu22.04</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>wazuh-manager</manager_address>
      <agent_name>TESTING</agent_name>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Windows 🟢

Command: .\wazuh-agent.msi /q WAZUH_MANAGER=wazuh-manager,wazuh-manager2,4.4.4.4,1.2.1.3,dns-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING
Configuration:

  <client>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>wazuh-manager2</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>4.4.4.4</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>1.2.1.3</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>dns-manager</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <crypto_method>aes</crypto_method>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <enrollment>
        <enabled>yes</enabled>
        <agent_name>TESTING</agent_name>
    </enrollment>
  </client>

macOS 🟢

Command: WAZUH_MANAGER=wazuh-manager,wazuh-manager2,4.4.4.4,1.2.1.3,dns-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING yum install ./wazuh-agent-4.4.0-0.commitd677dd2.x86_64.rpm

Configuration:

  <client>
    <server>
      <address>1.2.1.3</address>
      <port>444</port>
      <protocol>udp</protocol>
    </server>
    <server>
      <address>4.4.4.4</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>dns-manager</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <server>
      <address>wazuh-manager2</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>amzn, amzn2</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>1.2.1.3</manager_address>
      <agent_name>TESTING</agent_name>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Test deployment variables using 1 address and multiple protocols 🟢

AmazonLinux 🟢

Command: WAZUH_MANAGER=wazuh-manager WAZUH_PROTOCOL=UDP,TCP,TPC,UPC,UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING yum install ./wazuh-agent-4.4.0.rpm
Configuration:

<ossec_config>
  <client>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>udp</protocol>
    </server>
    <config-profile>amzn, amzn2</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>wazuh-manager</manager_address>
      <agent_name>TESTING</agent_name>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Ubuntu 🟢

Command: WAZUH_MANAGER=wazuh-manager WAZUH_PROTOCOL=UDP,TCP,TPC,UPC,UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING apt-get install ./wazuh-agent_4.4.0-0.commit8eb0a41_amd64.deb
Configuration:

  <client>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>udp</protocol>
    </server>
    <config-profile>ubuntu, ubuntu22, ubuntu22.04</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>wazuh-manager</manager_address>
      <agent_name>TESTING</agent_name>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Windows 🟢

Command: .\wazuh-agent.msi /q WAZUH_MANAGER=wazuh-manager WAZUH_PROTOCOL=UDP,TCP,TPC,UPC,UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING
Configuration:

  <client>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>udp</protocol>
    </server>
    <crypto_method>aes</crypto_method>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <enrollment>
        <enabled>yes</enabled>
        <agent_name>TESTING</agent_name>
    </enrollment>
  </client>

macOS 🟢

Command: launchctl setenv WAZUH_MANAGER "wazuh-manager" WAZUH_AGENT_NAME "TESTING" WAZUH_PROTOCOL "TCP" WAZUH_MANAGER_PORT "444" && installer -pkg wazuh-agent-4.4.0-0.pkg -target /;
Configuration:

  <client>
    <server>
      <address>wazuh-manager</address>
      <port>444</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>darwin, darwin21, darwin21.1</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
    <enrollment>
      <enabled>yes</enabled>
      <manager_address>wazuh-manager</manager_address>
      <agent_name>TESTING</agent_name>
      <authorization_pass_path>etc/authd.pass</authorization_pass_path>
    </enrollment>
  </client>

Windows/Linux deployment configuration differs using the same deployment variables 🔴

While in Linux agent enrollment configuration block is always specified, in Windows agent if default values are not changed, no configuration is specified.

Rebits · 2022-11-07T17:09:39Z

Update - 07/11/2022

Fifth manual testing iteration

Rebits · 2022-11-07T17:26:45Z

List of not development-related unexpected behaviors

Warning during Ubuntu agent installation N: Download is performed unsandboxed as root as file '/home/ubuntu/wazuh-agent_4.4.0-0.commitd677dd2_amd64.deb' couldn't be accessed by user '_apt'. - pkgAcquire::Run (13: Permission denied) 🟡. Reported Debian package installation from /root directory show pkgAcquire::Run (13: Permission denied) message wazuh-packages#1709
Windows Server 2022 default configuration does not include any config-profile 🟡 . Detailed in Create profiles for Windows Server 2022 and Windows 11 wazuh#15150
Default manager IP mismatch for Linux and macOS agents (MANAGER_IP) from Windows (0.0.0.0). Present in 4.3.8 🟡. Detailed in Standarize default manager for all OS wazuh#15154
Warning during Ubuntu agent uninstall: dpkg: warning: while removing wazuh-agent, directory '/usr/lib/systemd/system' not empty so not removed. Present in 4.3.8 🟡. Detailed in Unexpected warning during Ubuntu agent uninstallation wazuh-packages#1879
Enrollment configuration block indentation is incorrect for Windows agents. 🟡. Detailed in Windows agent enrollment configuration block overindented wazuh#15324
If a previous agent installation was performed, and only binaries were removed (apt-get remove), the new agent installation will set the default configuration independently of the parameters specified. ⚫

List of fixed unexpected behaviors not development-related

The list of agents provided by the user was reordered alphabetically, change original order, and the WAZUH_REGISTRATION_SERVER (the first manager if it is not specified). After this change managers' list is stable, maintaining the user manager's ordering.

Rebits · 2022-11-08T17:50:38Z

Testing after requested changes 🟢

Tester: @Rebits
PR commit: wazuh/wazuh@7450895

Results

Windows/Linux deployment configuration is consistent 🟢

Windows and Ubuntu agent configurations are consistent.

Command: WAZUH_MANAGER="10.0.0.2" apt-get install ./wazuh-agent_4.4.0-0.commit7450895_amd64.deb

Ubuntu:

  <client>
    <server>
      <address>10.0.0.2</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>ubuntu, ubuntu20, ubuntu20.04</config-profile>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
    <crypto_method>aes</crypto_method>
  </client>

Windows:

  <client>
    <server>
      <address>10.0.0.2</address>
      <port>1514</port>
      <protocol>tcp</protocol>
    </server>
    <config-profile>windows, windows10</config-profile>
    <crypto_method>aes</crypto_method>
    <notify_time>10</notify_time>
    <time-reconnect>60</time-reconnect>
    <auto_restart>yes</auto_restart>
  </client>

jmv74211 · 2022-11-09T09:42:10Z

Closing conclusion 👍🏼


🟢	Solved
🔵	Proposed to be fixed in future versions or developments
⚫	Discarded

The development has been approved taking into account the following considerations:

(1) The values of WAZUH_MANAGER do not follow the specified order, causing inconsistencies. 🟢

Installation using the WAZUH_MANAGER variable with multiple values causes blocks to be inserted in an unexpected order, causing the protocols and manager addresses to not match as expected. This occurs for Linux and macOS agents.

This has been fixed in this current development

(2) WAZUH_PROTOCOL values cause multiple blocks to be inserted in Windows agents, potentially causing unwanted behavior 🟢

This has been solved in this current development wazuh/wazuh@f07df8f

(3) If we specify more values for WAZUH_MANAGER variable than > WAZUH_PROTOCOL, then wazuh-agent installation fails for Windows 🟢

This has been solved in this current development wazuh/wazuh@50c5c11

(4) New Warning during agent installation in Ubuntu ⚫

This was previously investigated in this issue wazuh-packages#1709 and this seems to be related to apt (see the issue comments).

(5) Windows Server 2022 default configuration does not include any config-profile 🔵

The following issue has been opened to report this wazuh#15150. It will be fixed for future versions.

(6) Default manager IP mismatch for Linux and macOS agents (MANAGER_IP) from Windows (0.0.0.0) 🔵

The following issue has been opened to report this wazuh#15154. It will be fixed for future versions.

(7) Warning during Ubuntu agent uninstallation using apt-get remove wazuh-agent 🔵

dpkg: warning: while removing wazuh-agent, directory '/usr/lib/systemd/system' not empty so not removed

This also happens in the production version. The following issue has been opened to report this wazuh-packages#1879. It will be investigated and probably fixed for future versions.

(8) Unexpected message during installation in AmazonLinux and Ubuntu OS 🟢

/var/ossec/packages_files/agent_installation_scripts/src/init/register_configure_agent.sh: line 339: [: too many arguments

This has been solved in this current development wazuh/wazuh@7b05541

(9) If duplicated managers are provided in WAZUH_MANAGER, the configuration will include duplicate configuration. 🟢

This has been solved in this current development wazuh/wazuh@7d38f36

(10) While in Linux agent enrollment configuration block is always specified, in Windows agent if default values are not changed, no configuration is specified 🟢

This has been solved in this current development wazuh/wazuh@7450895

(11) Enrollment configuration block indentation is incorrect for Windows agents 🔵

The following issue has been opened to report this wazuh#15324. It will be fixed for future versions.

(12) If a previous agent installation was performed, and only binaries were removed (apt-get remove), the new agent installation will set the default configuration independently of the parameters specified ⚫

After talking with the development team, this is a normal behavior since the OS considers that it is an upgrade if it is not uninstalled with purge.

* Add support to multiple ptotocols in deployment vars * Use bash arrays to set addresses and protocols * Allow list of protocols for deployment variables * Remove legacy fixes * Add workflow for github actions * Add ubuntu test * Improve register_configure_agent * Add Windows test script * Improve windows deployment variables script * Add macos test * Allow using WAZUH_PROTOCOL variable without WAZUH_MANAGER * Fix github actions workflow * Increase wait timeout * Add timeoutSeconds to Wait for build step * Fail when time out is reached * Change task name * Fix Windows and macOS tests issues * Improve test function * Apply shellcheck recomendations * Add lines at start and end of functions * Remove date in copyright and fix path * Fix condition in Installerscripts.vbs: - Caused error when using more WAZUH_MANAGER values than WAZUH_PROTOCOL * Only remove non-unique WAZUH_MANAGER values if it does not affect to protocol order * Remove addition of second protocol line from InstallerScripts.vbs * Show downloaded package in tests * Correctly place profile template * Fix issues in deployment scripts. - Reported in wazuh/wazuh-qa#3400 (comment) * Generate unique ip lists when conditions are met - See conditions here: #14532 (comment) * Fix error causing protocol to not be set when to TCP #14532 * Fix error showing repeated block when using repeated IP and no protocol * Avoid empty addresses and make protocol list lowercase before calculating uniques Reported here: wazuh/wazuh-qa#3400 (comment) * Fix array index error * Keep order when calculating unique elements * Avoid setting WAZUH_REGISTRATION_SERVER if not specified

DFolchA added team/qa dev-testing labels Oct 3, 2022

jmv74211 added this to the Core PRs approval - 4.4.0 milestone Oct 3, 2022

jmv74211 added subteam/qa-main and removed status/not-tracked labels Oct 3, 2022

Rebits self-assigned this Oct 6, 2022

alberpilot mentioned this issue Oct 6, 2022

Fix deployment variable WAZUH_PROTOCOL with multiple manager address block wazuh/wazuh#14532

Closed

jmv74211 added the target/4.4.0 label Oct 7, 2022

jmv74211 changed the title ~~QA testing - Use multiple protocols in windows deployment variables~~ Use multiple protocols in windows deployment variables Oct 10, 2022

This was referenced Oct 11, 2022

Create profiles for Windows Server 2022 and Windows 11 wazuh/wazuh#15150

Closed

Unexpected warning during Ubuntu agent uninstallation wazuh/wazuh-packages#1879

Closed

Standarize default manager for all OS wazuh/wazuh#15154

Closed

DFolchA added a commit to wazuh/wazuh that referenced this issue Oct 17, 2022

Fix issues in deployment scripts.

7b05541

- Reported in wazuh/wazuh-qa#3400 (comment)

DFolchA added a commit to wazuh/wazuh that referenced this issue Oct 24, 2022

Avoid empty addresses and make protocol list lowercase before calcula…

8e35f7a

…ting uniques Reported here: wazuh/wazuh-qa#3400 (comment)

DFolchA added a commit to wazuh/wazuh that referenced this issue Nov 2, 2022

Avoid empty addresses and make protocol list lowercase before calcula…

f50e50c

…ting uniques Reported here: wazuh/wazuh-qa#3400 (comment)

jmv74211 closed this as completed Nov 9, 2022

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Use multiple protocols in windows deployment variables #3400

Use multiple protocols in windows deployment variables #3400

DFolchA commented Oct 3, 2022 •

edited by Rebits

Rebits commented Oct 6, 2022 •

edited

Rebits commented Oct 7, 2022 •

edited

jmv74211 commented Oct 11, 2022 •

edited

jmv74211 commented Oct 11, 2022

Rebits commented Oct 17, 2022 •

edited

Rebits commented Oct 17, 2022

DFolchA commented Oct 17, 2022

Rebits commented Oct 24, 2022 •

edited

Rebits commented Oct 24, 2022

Rebits commented Nov 4, 2022 •

edited

Rebits commented Nov 4, 2022

Rebits commented Nov 4, 2022

Rebits commented Nov 7, 2022 •

edited

Rebits commented Nov 7, 2022

Rebits commented Nov 7, 2022 •

edited

Rebits commented Nov 8, 2022 •

edited

jmv74211 commented Nov 9, 2022

Use multiple protocols in windows deployment variables #3400

Use multiple protocols in windows deployment variables #3400

Comments

DFolchA commented Oct 3, 2022 • edited by Rebits

Description

Proposed checks

Steps to reproduce

Expected results

Configuration and considerations

Rebits commented Oct 6, 2022 • edited

Tester review

Testing environment

Conclusion 🔴

Status

Rebits commented Oct 7, 2022 • edited

Testing results 🔴

jmv74211 commented Oct 11, 2022 • edited

QA review

jmv74211 commented Oct 11, 2022

Rebits commented Oct 17, 2022 • edited

Testing after requested changes

Results 🔴

Rebits commented Oct 17, 2022

Update - 17/10/2022

DFolchA commented Oct 17, 2022

Update

Rebits commented Oct 24, 2022 • edited

Testing after requested changes

Conclusions:

Rebits commented Oct 24, 2022

Update - 24/10/2022

Rebits commented Nov 4, 2022 • edited

Testing after requested changes

Results 🔴

Conclusion 🔴

Rebits commented Nov 4, 2022

Update - 04/11/2022

Rebits commented Nov 4, 2022

Update - 04/11/2022

Rebits commented Nov 7, 2022 • edited

Testing after requested changes 🔴

Results

Rebits commented Nov 7, 2022

Update - 07/11/2022

Rebits commented Nov 7, 2022 • edited

List of not development-related unexpected behaviors

List of fixed unexpected behaviors not development-related

Rebits commented Nov 8, 2022 • edited

Testing after requested changes 🟢

Results

jmv74211 commented Nov 9, 2022

Closing conclusion 👍🏼

DFolchA commented Oct 3, 2022 •

edited by Rebits

Rebits commented Oct 6, 2022 •

edited

Rebits commented Oct 7, 2022 •

edited

jmv74211 commented Oct 11, 2022 •

edited

Rebits commented Oct 17, 2022 •

edited

Rebits commented Oct 24, 2022 •

edited

Rebits commented Nov 4, 2022 •

edited

Rebits commented Nov 7, 2022 •

edited

Rebits commented Nov 7, 2022 •

edited

Rebits commented Nov 8, 2022 •

edited