wazuh · c-bordon · Dec 13, 2024 · Nov 7, 2024 · Nov 7, 2024 · Nov 7, 2024
diff --git a/.gitignore b/.gitignore
@@ -2,6 +2,7 @@ wazuh-install.sh
 wazuh-passwords-tool.sh
 wazuh-certs-tool.sh
 config.yml
+!documentation-templates/wazuh/config.yml
 wazuh-install-files.tar
 wazuh-install-files/
 wazuh-offline.tar.gz

diff --git a/CHANGELOG.md b/CHANGELOG.md
@@ -21,8 +21,13 @@ All notable changes to this project will be documented in this file.
 
 ## [4.10.0]
 
+### Added
+
+- Migrated documentation templates to wazuh-installation-assistant repository. ([#144](https://github.com/wazuh/wazuh-installation-assistant/pull/144))
+
 ### Changed
 
+- Removed check functions for Wazuh manager and Filebeat. ([#138](https://github.com/wazuh/wazuh-installation-assistant/pull/138))
 - Add checksum input and update the upload files to S3 steps ([#106](https://github.com/wazuh/wazuh-installation-assistant/pull/106))
 - Deleted the offline_checkDependencies function and unified logic in offline_checkPrerequisites function. ([#99](https://github.com/wazuh/wazuh-installation-assistant/pull/99))
 - Add input for wazuh installation assistant reference in workflows. ([#98](https://github.com/wazuh/wazuh-installation-assistant/pull/98))

diff --git a/documentation-templates/wazuh/config.yml b/documentation-templates/wazuh/config.yml
@@ -0,0 +1,28 @@
+nodes:
+  # Wazuh indexer nodes
+  indexer:
+    - name: node-1
+      ip: "<indexer-node-ip>"
+    #- name: node-2
+    #  ip: "<indexer-node-ip>"
+    #- name: node-3
+    #  ip: "<indexer-node-ip>"
+
+  # Wazuh server nodes
+  # If there is more than one Wazuh server
+  # node, each one must have a node_type
+  server:
+    - name: wazuh-1
+      ip: "<wazuh-manager-ip>"
+    #  node_type: master
+    #- name: wazuh-2
+    #  ip: "<wazuh-manager-ip>"
+    #  node_type: worker
+    #- name: wazuh-3
+    #  ip: "<wazuh-manager-ip>"
+    #  node_type: worker
+
+  # Wazuh dashboard nodes
+  dashboard:
+    - name: dashboard
+      ip: "<dashboard-node-ip>"
diff --git a/documentation-templates/wazuh/filebeat/filebeat.yml b/documentation-templates/wazuh/filebeat/filebeat.yml
@@ -0,0 +1,39 @@
+# Wazuh - Filebeat configuration file
+output.elasticsearch:
+  hosts: ["127.0.0.1:9200"]
+  protocol: https
+  username: ${username}
+  password: ${password}
+  ssl.certificate_authorities:
+    - /etc/filebeat/certs/root-ca.pem
+  ssl.certificate: "/etc/filebeat/certs/filebeat.pem"
+  ssl.key: "/etc/filebeat/certs/filebeat-key.pem"
+setup.template.json.enabled: true
+setup.template.json.path: '/etc/filebeat/wazuh-template.json'
+setup.template.json.name: 'wazuh'
+setup.ilm.overwrite: true
+setup.ilm.enabled: false
+
+filebeat.modules:
+  - module: wazuh
+    alerts:
+      enabled: true
+    archives:
+      enabled: false
+
+logging.level: info
+logging.to_files: true
+logging.files:
+  path: /var/log/filebeat
+  name: filebeat
+  keepfiles: 7
+  permissions: 0644
+
+logging.metrics.enabled: false
+
+seccomp:
+  default_action: allow
+  syscalls:
+  - action: allow
+    names:
+    - rseq
diff --git a/install_functions/filebeat.sh b/install_functions/filebeat.sh
@@ -6,19 +6,6 @@
 # License (version 2) as published by the FSF - Free Software
 # Foundation.
 
-function filebeat_checkService() {
-    common_logger "Checking Filebeat connection"
-
-    if  filebeat test output | grep -q -i -w "ERROR"; then
-        common_logger -e "Filebeat connection Error."
-        eval "filebeat test output x ${debug}"
-        installCommon_rollBack
-        exit 1
-    else
-        common_logger "Filebeat connection successful"
-    fi
-}
-
 function filebeat_configure(){
 
     common_logger -d "Configuring Filebeat."

diff --git a/install_functions/installMain.sh b/install_functions/installMain.sh
@@ -394,12 +394,10 @@ function main() {
             manager_startCluster
         fi
         installCommon_startService "wazuh-manager"
-        manager_checkService
         filebeat_install
         filebeat_configure
         installCommon_changePasswords
         installCommon_startService "filebeat"
-        filebeat_checkService
         installCommon_removeWIADependencies
     fi
 
@@ -416,11 +414,9 @@ function main() {
         manager_install
         manager_configure
         installCommon_startService "wazuh-manager"
-        manager_checkService
         filebeat_install
         filebeat_configure
         installCommon_startService "filebeat"
-        filebeat_checkService
         common_logger "--- Wazuh dashboard ---"
         dashboard_install
         dashboard_configure

diff --git a/install_functions/manager.sh b/install_functions/manager.sh
@@ -42,50 +42,6 @@ function manager_startCluster() {
 
 }
 
-function manager_checkService() {
-    common_logger "Checking Wazuh API connection"
-
-    max_attempts=15
-    attempt=0
-    seconds=5
-    api_password="wazuh-wui"
-    token_command="curl -k -s -X POST -u \"wazuh-wui:${api_password}\" https://127.0.0.1:55000/security/user/authenticate/run_as?raw=true -d '{\"user_name\":\"wzread\"}' -H \"content-type:application/json\""
-    TOKEN=$(eval "${token_command}")
-
-    # Wait for the API to be ready 
-    while [[ -z "${TOKEN}" && "${attempt}" -lt "${max_attempts}" ]]; do
-        attempt=$((attempt+1))
-        common_logger "Attempt $attempt: Checking the Wazuh API to be ready"
-        sleep "${seconds}"
-        TOKEN=$(eval "${token_command}")
-    done
-    common_logger "Wazuh API is ready to receive requests."
-
-    # Change curl credentials in case the master node has changed the passwords 
-    if [[ "${TOKEN}" =~ "Invalid credentials" && "${server_node_types[pos]}" == "worker" ]]; then
-        api_password=$(tar -axf "${tar_file}" wazuh-install-files/wazuh-passwords.txt -O | grep -P "'wazuh-wui'" -A 1 | awk 'NR==2 { print $2 }' | sed "s/'//g")
-        token_command="curl -k -s -X POST -u \"wazuh-wui:${api_password}\" https://127.0.0.1:55000/security/user/authenticate/run_as?raw=true -d '{\"user_name\":\"wzread\"}' -H \"content-type:application/json\""
-        TOKEN=$(eval "${token_command}")
-    fi
-
-    if [[ -z "${TOKEN}" ]]; then
-        common_logger -e "Failed to obtain Wazuh API token after $max_attempts attempts."
-        installCommon_rollBack
-        exit 1
-    fi
-
-    wm_error=$(curl -k -s -X GET "https://127.0.0.1:55000/agents/outdated?pretty=true" -H "Authorization: Bearer ${TOKEN}")
-
-    if  [[ ${wm_error,,} =~ '"error": 0' ]]; then
-        common_logger "Wazuh API connection successful"
-    else
-        common_logger -e "Wazuh API connection Error. $wm_error"
-        eval "/var/ossec/bin/wazuh-control status ${debug}"
-        installCommon_rollBack
-        exit 1
-    fi
-}
-
 function manager_configure(){
 
     common_logger -d "Configuring Wazuh manager."
@@ -107,7 +63,7 @@ function manager_configure(){
     eval "sed -i s/filebeat-key.pem/${server_node_names[0]}-key.pem/ /var/ossec/etc/ossec.conf ${debug}"
     common_logger -d "Setting provisional Wazuh indexer password."
     eval "/var/ossec/bin/wazuh-keystore -f indexer -k username -v admin"
-    eval "/var/ossec/bin/wazuh-keystore -f indexer -k password -v admin"  
+    eval "/var/ossec/bin/wazuh-keystore -f indexer -k password -v admin"
     common_logger "Wazuh manager vulnerability detection configuration finished."
 }