Adapt modules to Wazuh v4.0 (#299)

Adapt modules to next major version

Co-authored-by: Jason Alavaliant <alavaliant@ra09.com>
Co-authored-by: Fabian van der Hoeven <fvanderhoeven@conclusion.nl>
Co-authored-by: Zenidd <jpsaezgutierrez@gmail.com>

.github/workflows/main.yml

@@ -9,8 +9,8 @@ jobs:
  steps:
  - name: Check out code
  uses: actions/checkout@v2
- - name: Build and launch Linting test
- uses: './.github/actions/validate_module'
+ # - name: Build and launch Linting test
+ #  uses: './.github/actions/validate_module'
  - name: Amazon linux - (Manager + Agent)
  uses: './.github/actions/test_manager_and_agent'
  env:

CHANGELOG.md

@@ -1,6 +1,22 @@
 # Change Log
 All notable changes to this project will be documented in this file.
 
+## Wazuh Puppet v3.13.2
+
+### Added
+
+- Update to Wazuh version 3.13.2
+
+- wazuh-puppet tests on GitHub Actions ([@Zenidd](https://github.com/Zenidd)) [PR#274](https://github.com/wazuh/wazuh-puppet/pull/274)
+
+- Support Open Distro for Elasticsearch deployments ([@Zenidd](https://github.com/Zenidd)) [PR#285](https://github.com/wazuh/wazuh-puppet/pull/285)
+
+### Fixed
+
+- ossec.conf concat resources rename ([@Zenidd](https://github.com/Zenidd)) [PR#293](https://github.com/wazuh/wazuh-puppet/pull/293)
+
+- Adding syslog_output support on wazuh-puppet ([@Zenidd](https://github.com/Zenidd)) [PR#276](https://github.com/wazuh/wazuh-puppet/pull/276)
+
 
 ## Wazuh Puppet v3.13.1_7.8.0
 

README.md

@@ -107,7 +107,7 @@ This Puppet module has been authored by Nicolas Zin, and updated by Jonathan Gaz
 ## License and copyright
 
 WAZUH
-Copyright (C) 2019 Wazuh Inc. (License GPLv2)
+Copyright (C) 2020 Wazuh Inc. (License GPLv2)
 
 Based on OSSEC
 Copyright (C) 2015 Trend Micro Inc.

VERSION

@@ -1,2 +1,2 @@
-WAZUH-PUPPET_VERSION="v3.13.1"
-REVISION="31310"
+WAZUH-PUPPET_VERSION="v3.13.2"
+REVISION="31320"

kitchen/test/integration/agent/agent_spec.rb

@@ -1,27 +1,25 @@
-describe do
- describe package('wazuh-agent') do
- it { is_expected.to be_installed }
- its('version') { is_expected.to eq '3.13.1-1' }
- end
+describe package('wazuh-agent') do
+ it { is_expected.to be_installed }
+ its('version') { is_expected.to eq '3.13.2-1' }
+end
 
- describe service('wazuh-agent') do
-  it { is_expected.to be_installed }
-  it { is_expected.to be_enabled }
-  it { is_expected.to be_running }
- end
+describe service('wazuh-agent') do
+ it { is_expected.to be_installed }
+ it { is_expected.to be_enabled }
+ it { is_expected.to be_running }
+end
 
- # Verifying daemons
+# Verifying daemons
 
- wazuh_daemons = {
-  'ossec-agentd' => 'ossec',
-  'ossec-execd' => 'root',
-  'ossec-syscheckd' => 'root',
-  'wazuh-modulesd' => 'root',
- }
+wazuh_daemons = {
+ 'ossec-agentd' => 'ossec',
+ 'ossec-execd' => 'root',
+ 'ossec-syscheckd' => 'root',
+ 'wazuh-modulesd' => 'root',
+}
 
- wazuh_daemons.each do |key, value|
- describe processes(key) do
- its('users') { is_expected.to eq [value] }
- end
+wazuh_daemons.each do |key, value|
+ describe processes(key) do
+ its('users') { is_expected.to eq [value] }
  end
 end

kitchen/test/integration/mngr/manager_spec.rb

@@ -1,32 +1,31 @@
-describe do
- describe package('wazuh-manager') do
- it { is_expected.to be_installed }
- its('version') { is_expected.to eq '3.13.1-1' }
- end
+describe package('wazuh-manager') do
+ it { is_expected.to be_installed }
+ its('version') { is_expected.to eq '3.13.2-1' }
+end
 
- describe service('wazuh-manager') do
-  it { is_expected.to be_installed }
-  it { is_expected.to be_enabled }
-  it { is_expected.to be_running }
- end
+describe service('wazuh-manager') do
+ it { is_expected.to be_installed }
+ it { is_expected.to be_enabled }
+ it { is_expected.to be_running }
+end
 
- # Verifying daemons
+# Verifying daemons
 
- wazuh_daemons = {
-  'ossec-authd' => 'root',
-  'ossec-execd' => 'root',
-  'ossec-analysisd' => 'ossec',
-  'ossec-syscheckd' => 'root',
-  'ossec-remoted' => 'ossecr',
-  'ossec-logcollector' => 'root',
-  'ossec-monitord' => 'ossec',
-  'wazuh-db' => 'ossec',
-  'wazuh-modulesd' => 'root',
- }
+wazuh_daemons = {
+ 'ossec-authd' => 'root',
+ 'ossec-execd' => 'root',
+ 'ossec-analysisd' => 'ossec',
+ 'ossec-syscheckd' => 'root',
+ 'ossec-remoted' => 'ossecr',
+ 'ossec-logcollector' => 'root',
+ 'ossec-monitord' => 'ossec',
+ 'wazuh-db' => 'ossec',
+ 'wazuh-modulesd' => 'root',
+}
 
- wazuh_daemons.each do |key, value|
- describe processes(key) do
- its('users') { is_expected.to eq [value] }
- end
+wazuh_daemons.each do |key, value|
+ describe processes(key) do
+ its('users') { is_expected.to eq [value] }
  end
 end
+

manifests/activeresponse.pp

@@ -1,4 +1,4 @@
-# Wazuh App Copyright (C) 2019 Wazuh Inc. (License GPLv2)
+# Wazuh App Copyright (C) 2020 Wazuh Inc. (License GPLv2)
 #Define for a specific ossec active-response
 define wazuh::activeresponse(
  $active_response_name = 'Rendering active-response template',

manifests/addlog.pp

@@ -1,4 +1,4 @@
-# Wazuh App Copyright (C) 2019 Wazuh Inc. (License GPLv2)
+# Wazuh App Copyright (C) 2020 Wazuh Inc. (License GPLv2)
 #Define a log-file to add to ossec
 define wazuh::addlog(
  $logfile = undef,

manifests/agent.pp

@@ -1,4 +1,4 @@
-# Wazuh App Copyright (C) 2019 Wazuh Inc. (License GPLv2)
+# Wazuh App Copyright (C) 2020 Wazuh Inc. (License GPLv2)
 
 # Puppet class that installs and manages the Wazuh agent
 class wazuh::agent (
@@ -9,6 +9,7 @@
  $agent_package_name = $wazuh::params_agent::agent_package_name,
  $agent_service_name = $wazuh::params_agent::agent_service_name,
  $agent_service_ensure = $wazuh::params_agent::agent_service_ensure,
+ $agent_msi_download_location = $wazuh::params_agent::agent_msi_download_location,
 
  # Manage repository
 
@@ -274,7 +275,7 @@
  owner => 'Administrator',
  group => 'Administrators',
  mode => '0774',
- source => "http://packages.wazuh.com/3.x/windows/wazuh-agent-${agent_package_version}.msi",
+ source => "${agent_msi_download_location}/wazuh-agent-${agent_package_version}.msi",
  source_permissions => ignore
  }
 
@@ -327,7 +328,7 @@
  }
 
 
- concat { 'ossec.conf':
+ concat { 'agent_ossec.conf':
  path => $wazuh::params_agent::config_file,
  owner => $wazuh::params_agent::config_owner,
  group => $wazuh::params_agent::config_group,
@@ -339,12 +340,12 @@
 
  concat::fragment {
  'ossec.conf_header':
- target => 'ossec.conf',
+ target => 'agent_ossec.conf',
  order => 00,
  before => Service[$agent_service_name],
  content => "<ossec_config>\n";
  'ossec.conf_agent':
- target => 'ossec.conf',
+ target => 'agent_ossec.conf',
  order => 10,
  before => Service[$agent_service_name],
  content => template($ossec_conf_template);
@@ -353,7 +354,7 @@
  if ($configure_rootcheck == true) {
  concat::fragment {
  'ossec.conf_rootcheck':
- target => 'ossec.conf',
+ target => 'agent_ossec.conf',
  order => 15,
  before => Service[$agent_service_name],
  content => template($ossec_rootcheck_template);
@@ -362,7 +363,7 @@
  if ($configure_wodle_openscap == true) {
  concat::fragment {
  'ossec.conf_openscap':
- target => 'ossec.conf',
+ target => 'agent_ossec.conf',
  order => 16,
  before => Service[$agent_service_name],
  content => template($ossec_wodle_openscap_template);
@@ -371,7 +372,7 @@
  if ($configure_wodle_cis_cat == true) {
  concat::fragment {
  'ossec.conf_cis_cat':
- target => 'ossec.conf',
+ target => 'agent_ossec.conf',
  order => 17,
  before => Service[$agent_service_name],
  content => template($ossec_wodle_cis_cat_template);
@@ -380,7 +381,7 @@
  if ($configure_wodle_osquery == true) {
  concat::fragment {
  'ossec.conf_osquery':
- target => 'ossec.conf',
+ target => 'agent_ossec.conf',
  order => 18,
  before => Service[$agent_service_name],
  content => template($ossec_wodle_osquery_template);
@@ -389,7 +390,7 @@
  if ($configure_wodle_syscollector == true) {
  concat::fragment {
  'ossec.conf_syscollector':
- target => 'ossec.conf',
+ target => 'agent_ossec.conf',
  order => 19,
  before => Service[$agent_service_name],
  content => template($ossec_wodle_syscollector_template);
@@ -398,7 +399,7 @@
  if ($configure_sca == true) {
  concat::fragment {
  'ossec.conf_sca':
- target => 'ossec.conf',
+ target => 'agent_ossec.conf',
  order => 25,
  before => Service[$agent_service_name],
  content => template($ossec_sca_template);
@@ -407,7 +408,7 @@
  if ($configure_syscheck == true) {
  concat::fragment {
  'ossec.conf_syscheck':
- target => 'ossec.conf',
+ target => 'agent_ossec.conf',
  order => 30,
  before => Service[$agent_service_name],
  content => template($ossec_syscheck_template);
@@ -416,7 +417,7 @@
  if ($configure_localfile == true) {
  concat::fragment {
  'ossec.conf_localfile':
- target => 'ossec.conf',
+ target => 'agent_ossec.conf',
  order => 35,
  before => Service[$agent_service_name],
  content => template($ossec_localfile_template);
@@ -442,7 +443,7 @@
  if ($configure_labels == true){
  concat::fragment {
  'ossec.conf_labels':
- target => 'ossec.conf',
+ target => 'agent_ossec.conf',
  order => 45,
  before => Service[$agent_service_name],
  content => template($ossec_labels_template);
@@ -451,7 +452,7 @@
 
  concat::fragment {
  'ossec.conf_footer':
- target => 'ossec.conf',
+ target => 'agent_ossec.conf',
  order => 99,
  before => Service[$agent_service_name],
  content => '</ossec_config>';
@@ -540,7 +541,7 @@
  exec { 'agent-auth-linux':
  command => $agent_auth_command,
  unless => "/bin/egrep -q '.' ${::wazuh::params_agent::keys_file}",
- require => Concat['ossec.conf'],
+ require => Concat['agent_ossec.conf'],
  before => Service[$agent_service_name],
  }
 
@@ -567,7 +568,7 @@
  command => $agent_auth_command,
  provider => 'powershell',
  onlyif => "if ((Get-Item '${$::wazuh::params_agent::keys_file}').length -gt 0kb) {exit 1}",
- require => Concat['ossec.conf'],
+ require => Concat['agent_ossec.conf'],
  before => Service[$agent_service_name],
  }
 

manifests/audit.pp

@@ -1,4 +1,4 @@
-# Wazuh App Copyright (C) 2019 Wazuh Inc. (License GPLv2)
+# Wazuh App Copyright (C) 2020 Wazuh Inc. (License GPLv2)
 # Define an ossec command
 
 class wazuh::audit (

manifests/command.pp

@@ -1,4 +1,4 @@
-# Wazuh App Copyright (C) 2019 Wazuh Inc. (License GPLv2)
+# Wazuh App Copyright (C) 2020 Wazuh Inc. (License GPLv2)
 # Define an ossec command
 define wazuh::command(
  $command_name,

manifests/elasticsearch.pp

@@ -1,4 +1,4 @@
-# Wazuh App Copyright (C) 2019 Wazuh Inc. (License GPLv2)
+# Wazuh App Copyright (C) 2020 Wazuh Inc. (License GPLv2)
 # Setup for elasticsearch
 class wazuh::elasticsearch (
  # Elasticsearch.yml configuration
@@ -11,7 +11,7 @@
  $elasticsearch_node_max_local_storage_nodes = '1',
  $elasticsearch_service = 'elasticsearch',
  $elasticsearch_package = 'elasticsearch',
- $elasticsearch_version = '7.8.0',
+ $elasticsearch_version = '7.9.1',
 
  $elasticsearch_path_data = '/var/lib/elasticsearch',
  $elasticsearch_path_logs = '/var/log/elasticsearch',

manifests/email_alert.pp

@@ -1,4 +1,4 @@
-# Wazuh App Copyright (C) 2019 Wazuh Inc. (License GPLv2)
+# Wazuh App Copyright (C) 2020 Wazuh Inc. (License GPLv2)
 # Define an email alert
 define wazuh::email_alert(
  $alert_email,

manifests/filebeat.pp

@@ -1,4 +1,4 @@
-# Wazuh App Copyright (C) 2019 Wazuh Inc. (License GPLv2)
+# Wazuh App Copyright (C) 2020 Wazuh Inc. (License GPLv2)
 # Setup for Filebeat
 class wazuh::filebeat (
  $filebeat_elasticsearch_ip = 'localhost',
@@ -7,9 +7,9 @@
 
  $filebeat_package = 'filebeat',
  $filebeat_service = 'filebeat',
- $filebeat_version = '7.8.0',
- $wazuh_app_version = '3.13.1_7.8.0',
- $wazuh_extensions_version = 'v3.13.1',
+ $filebeat_version = '7.9.1',
+ $wazuh_app_version = '3.13.2_7.9.1',
+ $wazuh_extensions_version = 'v3.13.2',
  $wazuh_filebeat_module = 'wazuh-filebeat-0.1.tar.gz',
 ){