Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Release 4.4.0 - Alpha 1 - E2E UX tests - Slack + Pagerduty + Shuffle #15559

Closed
2 tasks done
gdiazlo opened this issue Dec 1, 2022 · 4 comments
Closed
2 tasks done

Release 4.4.0 - Alpha 1 - E2E UX tests - Slack + Pagerduty + Shuffle #15559

gdiazlo opened this issue Dec 1, 2022 · 4 comments
Assignees
@gdiazlo
Labels
release test/4.4.0 Issues related to testing for v4.4.0 type/test/manual

Comments

@gdiazlo
Copy link
Member

gdiazlo commented Dec 1, 2022
edited by davidjiglesias
Loading

The following issue aims to run the specified test for the current release candidate, report the results, and open new issues for any encountered errors.

Test information
Test name Slack + Pagerduty + Shuffle
Category Integrations
Deployment option Step-by-Step
Main release issue #15505
Main E2E UX test issue #15519
Release candidate # Alpha 1

Test description

Deploy Wazuh with the following design

Component Guide Cluster / Single OS
indexer Step-by-step Single Ubuntu 22.04
server Step-by-step Cluster Ubuntu 18.04
dashboard Step-by-step Single Ubuntu 22.04
agent Dashboard command Single Fedora 37

Following the documentation, do your best effort to test Slack, Pagerduty, and Shuffle integrations, including:

Test report procedure

All test results must have one of the following statuses:
🟢 All checks passed.
🔴 There is at least one failed result.
🟡 There is at least one expected failure or skipped test and no failures.

Any failing test must be properly addressed with a new issue, detailing the error and the possible cause.

A comprehensive report of the test results must be attached as a ZIP or TXT file. Please attach any documents, screenshots, or tables to the issue update with the results. The auditors can use this report to dig deeper into any possible failures and details.

Conclusions

All tests have been executed and the results can be found here.
Status Test Failure type Notes
🟢 Indexer installation step-by-step
🟢 Configuring the Wazuh indexer
🟢 Cluster initialization
🟢 Deploying certificates
🟢 Installing the Wazuh manager
🟢 Installing Filebeat
🟢 Wazuh dashboard installation
🟢 Configuring the wazuh dashboard
🔴 Accessing dashboard wazuh/wazuh-dashboard-plugins#4938
🔴 Installing the agent using WU wazuh/wazuh-dashboard-plugins#4809
🟢 Configure Slack integration
🟡 Configure PgerDuty integration #4264
🔴 Configure shuffler integration No documentation #15034

All tests have passed and the fails have been reported or justified. Therefore, I conclude that this issue is finished and OK for this release candidate.

Auditors' validation

The definition of done for this one is the validation of the conclusions and the test results from all auditors.

All checks from below must be accepted in order to close this issue.
@gdiazlo gdiazlo mentioned this issue Dec 1, 2022
Closed
1 task
@gdiazlo
Copy link
Member Author

gdiazlo commented Dec 1, 2022
edited
Loading

Preparing the environment

Vagrantfile 
Vagrant.configure("2") do |config|

    # General configuration
    config.vm.synced_folder '.', '/vagrant', disabled: true
    config.vm.network "public_network", bridge: "Default Switch"
    config.vm.network "private_network", bridge: "WSL2"

    config.vm.provider "libvirt" do |vm|
            vm.cpus = 8
            vm.memory = 8192
    end

    config.vm.provider "virtualbox" do |vm|
            vm.check_guest_additions = false
            vm.memory = 8192
            vm.cpus = 8
            vm.customize ["modifyvm", :id, "--vram", "128"]
    end

    config.vm.provider "hyperv" do |h|
            h.enable_checkpoints = true
            h.enable_automatic_checkpoints = true
            h.enable_enhanced_session_mode = true
            h.memory = 8192
            h.maxmemory = 8192
            h.cpus = 8
    end

    config.ssh.forward_agent = true

    # deploy 4 machines

    config.vm.define "indexer" do |indexer|
        indexer.vm.box = "generic/ubuntu2204"
    end

    config.vm.define "dashboard" do |dashboard|
        dashboard.vm.box = "generic/ubuntu2204"
    end

    config.vm.define "server" do |server|
        server.vm.box = "generic/ubuntu2204"
    end

    config.vm.define "agent" do |agent|
        agent.vm.box = "generic/fedora37"
    end

end
Indexer installation step-by-step 🟢
  1. Certificates creation
root@ubuntu2204:~# curl -sO https://packages.wazuh.com/4.3/wazuh-certs-tool.sh
root@ubuntu2204:~# curl -sO https://packages.wazuh.com/4.3/config.yml
root@ubuntu2204:~# vim config.yml
root@ubuntu2204:~# bash ./wazuh-certs-tool.sh -A
01/12/2022 21:59:33 INFO: Admin certificates created.
01/12/2022 21:59:33 INFO: Wazuh indexer certificates created.
01/12/2022 21:59:33 INFO: Wazuh server certificates created.
01/12/2022 21:59:34 INFO: Wazuh dashboard certificates created.
root@ubuntu2204:~# tar -cvf ./wazuh-certificates.tar -C ./wazuh-certificates/ .
./
./dashboard.pem
./root-ca.pem
./wazuh-1.pem
./node-1.pem
./node-1-key.pem
./root-ca.key
./admin.pem
./dashboard-key.pem
./wazuh-1-key.pem
./admin-key.pem
root@ubuntu2204:~# rm -rf ./wazuh-certificates
  1. Nodes installation
root@ubuntu2204:~# apt-get install debconf adduser procps
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
adduser is already the newest version (3.118ubuntu5).
adduser set to manually installed.
debconf is already the newest version (1.5.79ubuntu1).
debconf set to manually installed.
procps is already the newest version (2:3.3.17-6ubuntu2).
procps set to manually installed.
0 upgraded, 0 newly installed, 0 to remove and 0 not upgraded.
root@ubuntu2204:~# apt-get install gnupg apt-transport-https
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
gnupg is already the newest version (2.2.27-3ubuntu2.1).
The following NEW packages will be installed:
  apt-transport-https
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 1,506 B of archives.
After this operation, 169 kB of additional disk space will be used.
Do you want to continue? [Y/n] Y
Get:1 https://mirrors.edge.kernel.org/ubuntu jammy-updates/universe amd64 apt-transport-https all 2.4.8 [1,506 B]
Fetched 1,506 B in 1s (2,049 B/s)
Selecting previously unselected package apt-transport-https.
(Reading database ... 75386 files and directories currently installed.)
Preparing to unpack .../apt-transport-https_2.4.8_all.deb ...
Unpacking apt-transport-https (2.4.8) ...
Setting up apt-transport-https (2.4.8) ...
Scanning processes...
Scanning linux images...

Running kernel seems to be up-to-date.

No services need to be restarted.
deb [signed-by=/usr/share/keyrings/wazuh.gpg] https://packages-dev.wazuh.com/pre-release/apt/ unstable main

No containers need to be restarted.

No user sessions are running outdated binaries.

No VM guests are running outdated hypervisor (qemu) binaries on this host.
root@ubuntu2204:~# curl -s https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH | gpg --no-default-keyring --keyring gnupg-ring:/usr/share/keyrings/wazuh.gpg --import && chmod 644 /usr/share/keyrings/wazuh.gpg
gpg: keyring '/usr/share/keyrings/wazuh.gpg' created
gpg: directory '/root/.gnupg' created
gpg: /root/.gnupg/trustdb.gpg: trustdb created
gpg: key 96B3EE5F29111145: public key "Wazuh.com (Wazuh Signing Key) <support@wazuh.com>" imported
gpg: Total number processed: 1
gpg:               imported: 1
root@ubuntu2204:~# echo "deb [signed-by=/usr/share/keyrings/wazuh.gpg] https://packages-dev.wazuh.com/pre-release/apt/ unstable main" | tee -a /etc/apt/sources.list.d/wazuh.list
deb [signed-by=/usr/share/keyrings/wazuh.gpg] https://packages-dev.wazuh.com/pre-release/apt/ unstable main
root@ubuntu2204:~# apt-get update
Hit:1 https://mirrors.edge.kernel.org/ubuntu jammy InRelease
Get:2 https://mirrors.edge.kernel.org/ubuntu jammy-updates InRelease [114 kB]
Get:3 https://mirrors.edge.kernel.org/ubuntu jammy-backports InRelease [99.8 kB]
Get:4 https://mirrors.edge.kernel.org/ubuntu jammy-security InRelease [110 kB]
Get:5 https://mirrors.edge.kernel.org/ubuntu jammy-updates/main amd64 Packages [753 kB]
Get:6 https://mirrors.edge.kernel.org/ubuntu jammy-updates/main Translation-en [169 kB]
Get:7 https://mirrors.edge.kernel.org/ubuntu jammy-updates/main amd64 c-n-f Metadata [11.3 kB]
Get:8 https://mirrors.edge.kernel.org/ubuntu jammy-updates/restricted amd64 Packages [475 kB]
Get:9 https://mirrors.edge.kernel.org/ubuntu jammy-updates/restricted Translation-en [72.7 kB]
Get:10 https://mirrors.edge.kernel.org/ubuntu jammy-updates/universe amd64 Packages [761 kB]
Get:11 https://mirrors.edge.kernel.org/ubuntu jammy-updates/universe Translation-en [128 kB]
Get:12 https://mirrors.edge.kernel.org/ubuntu jammy-updates/universe amd64 c-n-f Metadata [14.0 kB]
Get:13 https://mirrors.edge.kernel.org/ubuntu jammy-updates/multiverse amd64 c-n-f Metadata [420 B]
Get:14 https://mirrors.edge.kernel.org/ubuntu jammy-backports/universe amd64 Packages [6,736 B]
Get:15 https://mirrors.edge.kernel.org/ubuntu jammy-backports/universe Translation-en [9,460 B]
Get:16 https://mirrors.edge.kernel.org/ubuntu jammy-backports/universe amd64 c-n-f Metadata [348 B]
Get:17 https://mirrors.edge.kernel.org/ubuntu jammy-security/main amd64 Packages [520 kB]
Get:18 https://mirrors.edge.kernel.org/ubuntu jammy-security/main Translation-en [112 kB]
Get:19 https://mirrors.edge.kernel.org/ubuntu jammy-security/main amd64 c-n-f Metadata [7,200 B]
Get:20 https://mirrors.edge.kernel.org/ubuntu jammy-security/restricted amd64 Packages [438 kB]
Get:21 https://mirrors.edge.kernel.org/ubuntu jammy-security/restricted Translation-en [67.3 kB]
Get:22 https://mirrors.edge.kernel.org/ubuntu jammy-security/restricted amd64 c-n-f Metadata [584 B]
Get:23 https://mirrors.edge.kernel.org/ubuntu jammy-security/universe amd64 Packages [622 kB]
Get:24 https://mirrors.edge.kernel.org/ubuntu jammy-security/universe Translation-en [81.5 kB]
Get:25 https://mirrors.edge.kernel.org/ubuntu jammy-security/universe amd64 c-n-f Metadata [11.0 kB]
Get:26 https://mirrors.edge.kernel.org/ubuntu jammy-security/multiverse amd64 c-n-f Metadata [228 B]
Get:27 https://packages-dev.wazuh.com/pre-release/apt unstable InRelease [17.3 kB]
Get:28 https://packages-dev.wazuh.com/pre-release/apt unstable/main amd64 Packages [26.6 kB]
Fetched 43.9 kB in 2s (26.0 kB/s)
Reading package lists... Done
root@ubuntu2204:~# hostnamectl set-hostname node-1
root@ubuntu2204:~# apt-get -y install wazuh-indexer
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following NEW packages will be installed:
  wazuh-indexer
0 upgraded, 1 newly installed, 0 to remove and 22 not upgraded.
Need to get 400 MB of archives.
After this operation, 670 MB of additional disk space will be used.
Get:1 https://packages-dev.wazuh.com/pre-release/apt unstable/main amd64 wazuh-indexer amd64 4.4.0-1 [400 MB]
Fetched 400 MB in 16s (24.3 MB/s)
Selecting previously unselected package wazuh-indexer.
(Reading database ... 75390 files and directories currently installed.)
Preparing to unpack .../wazuh-indexer_4.4.0-1_amd64.deb ...
Creating wazuh-indexer group... OK
Creating wazuh-indexer user... OK
Unpacking wazuh-indexer (4.4.0-1) ...
Setting up wazuh-indexer (4.4.0-1) ...
Created opensearch keystore in /etc/wazuh-indexer/opensearch.keystore
Processing triggers for libc-bin (2.35-0ubuntu3.1) ...
Scanning processes...
Scanning linux images...

Running kernel seems to be up-to-date.

No services need to be restarted.

No containers need to be restarted.

No user sessions are running outdated binaries.

No VM guests are running outdated hypervisor (qemu) binaries on this host.
Configuring the Wazuh indexer 🟢 
network.host: "172.21.231.190"
node.name: "node-1"
cluster.initial_master_nodes:
- "node-1"
#- "node-2"
#- "node-3"
cluster.name: "wazuh-cluster"
#discovery.seed_hosts:
#  - "node-1-ip"
#  - "node-2-ip"
#  - "node-3-ip"
node.max_local_storage_nodes: "3"
path.data: /var/lib/wazuh-indexer
path.logs: /var/log/wazuh-indexer

plugins.security.ssl.http.pemcert_filepath: /etc/wazuh-indexer/certs/indexer.pem
plugins.security.ssl.http.pemkey_filepath: /etc/wazuh-indexer/certs/indexer-key.pem
plugins.security.ssl.http.pemtrustedcas_filepath: /etc/wazuh-indexer/certs/root-ca.pem
plugins.security.ssl.transport.pemcert_filepath: /etc/wazuh-indexer/certs/indexer.pem
plugins.security.ssl.transport.pemkey_filepath: /etc/wazuh-indexer/certs/indexer-key.pem
plugins.security.ssl.transport.pemtrustedcas_filepath: /etc/wazuh-indexer/certs/root-ca.pem
plugins.security.ssl.http.enabled: true
plugins.security.ssl.transport.enforce_hostname_verification: false
plugins.security.ssl.transport.resolve_hostname: false

plugins.security.authcz.admin_dn:
- "CN=admin,OU=Wazuh,O=Wazuh,L=California,C=US"
plugins.security.check_snapshot_restore_write_privileges: true
plugins.security.enable_snapshot_restore_privilege: true
plugins.security.nodes_dn:
- "CN=node-1,OU=Wazuh,O=Wazuh,L=California,C=US"
#- "CN=node-2,OU=Wazuh,O=Wazuh,L=California,C=US"
#- "CN=node-3,OU=Wazuh,O=Wazuh,L=California,C=US"
plugins.security.restapi.roles_enabled:
- "all_access"
- "security_rest_api_access"

plugins.security.system_indices.enabled: true
plugins.security.system_indices.indices: [".plugins-ml-model", ".plugins-ml-task", ".opendistro-alerting-config", ".opendistro-alerting-alert*", ".opendistro-anomaly-results*", ".opendistro-anomaly-detector*", ".opendistro-anomaly-checkpoints", ".opendistro-anomaly-detection-state", ".opendistro-reports-*", ".opensearch-notifications-*", ".opensearch-notebooks", ".opensearch-observability", ".opendistro-asynchronous-search-response*", ".replication-metadata-store"]

### Option to allow Filebeat-oss 7.10.2 to work ###
compatibility.override_main_response_version: true
Cluster initialization 🟢 
root@node-1:~# /usr/share/wazuh-indexer/bin/indexer-security-init.sh
**************************************************************************
** This tool will be deprecated in the next major release of OpenSearch **
** https://github.com/opensearch-project/security/issues/1755           **
**************************************************************************
Security Admin v7
Will connect to 172.21.231.190:9200 ... done
Connected as "CN=admin,OU=Wazuh,O=Wazuh,L=California,C=US"
OpenSearch Version: 2.3.0
Contacting opensearch cluster 'opensearch' and wait for YELLOW clusterstate ...
Clustername: wazuh-cluster
Clusterstate: GREEN
Number of nodes: 1
Number of data nodes: 1
.opendistro_security index does not exists, attempt to create it ... done (0-all replicas)
Populate config from /etc/wazuh-indexer/opensearch-security/
Will update '/config' with /etc/wazuh-indexer/opensearch-security/config.yml
   SUCC: Configuration for 'config' created or updated
Will update '/roles' with /etc/wazuh-indexer/opensearch-security/roles.yml
   SUCC: Configuration for 'roles' created or updated
Will update '/rolesmapping' with /etc/wazuh-indexer/opensearch-security/roles_mapping.yml
   SUCC: Configuration for 'rolesmapping' created or updated
Will update '/internalusers' with /etc/wazuh-indexer/opensearch-security/internal_users.yml
   SUCC: Configuration for 'internalusers' created or updated
Will update '/actiongroups' with /etc/wazuh-indexer/opensearch-security/action_groups.yml
   SUCC: Configuration for 'actiongroups' created or updated
Will update '/tenants' with /etc/wazuh-indexer/opensearch-security/tenants.yml
   SUCC: Configuration for 'tenants' created or updated
Will update '/nodesdn' with /etc/wazuh-indexer/opensearch-security/nodes_dn.yml
   SUCC: Configuration for 'nodesdn' created or updated
Will update '/whitelist' with /etc/wazuh-indexer/opensearch-security/whitelist.yml
   SUCC: Configuration for 'whitelist' created or updated
Will update '/audit' with /etc/wazuh-indexer/opensearch-security/audit.yml
   SUCC: Configuration for 'audit' created or updated
Will update '/allowlist' with /etc/wazuh-indexer/opensearch-security/allowlist.yml
   SUCC: Configuration for 'allowlist' created or updated
SUCC: Expected 10 config types for node {"updated_config_types":["allowlist","tenants","rolesmapping","nodesdn","audit","roles","whitelist","internalusers","actiongroups","config"],"updated_config_size":10,"message":null} is 10 (["allowlist","tenants","rolesmapping","nodesdn","audit","roles","whitelist","internalusers","actiongroups","config"]) due to: null
Done with success
root@node-1:~# curl -k -u admin:admin https://172.21.231.190:9200
{
  "name" : "node-1",
  "cluster_name" : "wazuh-cluster",
  "cluster_uuid" : "SyYAbllzSjqbr9FhnKDd0Q",
  "version" : {
    "number" : "7.10.2",
    "build_type" : "rpm",
    "build_hash" : "6f6e84ebc54af31a976f53af36a5c69d474a5140",
    "build_date" : "2022-09-09T00:07:12.137133581Z",
    "build_snapshot" : false,
    "lucene_version" : "9.3.0",
    "minimum_wire_compatibility_version" : "7.10.0",
    "minimum_index_compatibility_version" : "7.0.0"
  },
  "tagline" : "The OpenSearch Project: https://opensearch.org/"
}
root@node-1:~# curl -k -u admin:admin https://172.21.231.190:9200/_cat/nodes?v
ip             heap.percent ram.percent cpu load_1m load_5m load_15m node.role node.roles                                        cluster_manager name
172.21.231.190           35          47   0    0.10    0.05     0.00 dimr      cluster_manager,data,ingest,remote_cluster_client *               node-1
root@node-1:~#
Deploying certificates 🟢 
root@ubuntu2204:~# vim /etc/wazuh-indexer/opensearch.yml
root@ubuntu2204:~# cp wazuh-certificates.tar /tmp/
root@ubuntu2204:~# NODE_NAME=node-1
root@ubuntu2204:~# mkdir /etc/wazuh-indexer/certs
root@ubuntu2204:~# tar -xf ./wazuh-certificates.tar -C /etc/wazuh-indexer/certs/ ./$NODE_NAME.pem ./$NODE_NAME-key.pem ./admin.pem ./admin-key.pem ./root-ca.pem
root@ubuntu2204:~# mv -n /etc/wazuh-indexer/certs/$NODE_NAME.pem /etc/wazuh-indexer/certs/indexer.pem
root@ubuntu2204:~# mv -n /etc/wazuh-indexer/certs/$NODE_NAME-key.pem /etc/wazuh-indexer/certs/indexer-key.pem
root@ubuntu2204:~# chmod 500 /etc/wazuh-indexer/certs
root@ubuntu2204:~# chmod 400 /etc/wazuh-indexer/certs/*
root@ubuntu2204:~# chown -R wazuh-indexer:wazuh-indexer /etc/wazuh-indexer/certs
root@ubuntu2204:~# rm -f ./wazuh-certificates.tar
root@ubuntu2204:~# systemctl daemon-reload
root@ubuntu2204:~# systemctl enable wazuh-indexer
Synchronizing state of wazuh-indexer.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install enable wazuh-indexer
Created symlink /etc/systemd/system/multi-user.target.wants/wazuh-indexer.service → /lib/systemd/system/wazuh-indexer.service.
root@ubuntu2204:~# systemctl start wazuh-indexer
root@ubuntu2204:~# systemctl status wazuh-indexer
● wazuh-indexer.service - Wazuh-indexer
     Loaded: loaded (/lib/systemd/system/wazuh-indexer.service; enabled; vendor preset: enabled)
     Active: active (running) since Thu 2022-12-01 22:19:33 UTC; 24s ago
       Docs: https://documentation.wazuh.com
   Main PID: 4414 (java)
      Tasks: 68 (limit: 9405)
     Memory: 1.2G
        CPU: 22.097s
     CGroup: /system.slice/wazuh-indexer.service
             └─4414 /usr/share/wazuh-indexer/jdk/bin/java -Xshare:auto -Dopensearch.networkaddress.cache.ttl=60 -Dopensearch.ne>

Dec 01 22:19:25 node-1 systemd[1]: Starting Wazuh-indexer...
Dec 01 22:19:27 node-1 systemd-entrypoint[4414]: WARNING: A terminally deprecated method in java.lang.System has been called
Dec 01 22:19:27 node-1 systemd-entrypoint[4414]: WARNING: System::setSecurityManager has been called by org.opensearch.bootstra>
Dec 01 22:19:27 node-1 systemd-entrypoint[4414]: WARNING: Please consider reporting this to the maintainers of org.opensearch.b>
Dec 01 22:19:27 node-1 systemd-entrypoint[4414]: WARNING: System::setSecurityManager will be removed in a future release
Dec 01 22:19:27 node-1 systemd-entrypoint[4414]: WARNING: A terminally deprecated method in java.lang.System has been called
Dec 01 22:19:27 node-1 systemd-entrypoint[4414]: WARNING: System::setSecurityManager has been called by org.opensearch.bootstra>
Dec 01 22:19:27 node-1 systemd-entrypoint[4414]: WARNING: Please consider reporting this to the maintainers of org.opensearch.b>
Dec 01 22:19:27 node-1 systemd-entrypoint[4414]: WARNING: System::setSecurityManager will be removed in a future release
Dec 01 22:19:33 node-1 systemd[1]: Started Wazuh-indexer.
Installing the Wazuh manager 🟢 
root@ubuntu2204:~# apt-get install gnupg apt-transport-https
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
gnupg is already the newest version (2.2.27-3ubuntu2.1).
The following NEW packages will be installed:
  apt-transport-https
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 1,506 B of archives.
After this operation, 169 kB of additional disk space will be used.
Do you want to continue? [Y/n] Y
Get:1 https://mirrors.edge.kernel.org/ubuntu jammy-updates/universe amd64 apt-transport-https all 2.4.8 [1,506 B]
Fetched 1,506 B in 1s (1,698 B/s)
Selecting previously unselected package apt-transport-https.
(Reading database ... 75386 files and directories currently installed.)
Preparing to unpack .../apt-transport-https_2.4.8_all.deb ...
Unpacking apt-transport-https (2.4.8) ...
Setting up apt-transport-https (2.4.8) ...
Scanning processes...
Scanning linux images...

deb [signed-by=/usr/share/keyrings/wazuh.gpg] https://packages-dev.wazuh.com/pre-release/apt/ unstable main
Running kernel seems to be up-to-date.

No services need to be restarted.

No containers need to be restarted.

No user sessions are running outdated binaries.

No VM guests are running outdated hypervisor (qemu) binaries on this host.
root@ubuntu2204:~# curl -s https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH | gpg --no-default-keyring --keyring gnupg-ring:/usr
/share/keyrings/wazuh.gpg --import && chmod 644 /usr/share/keyrings/wazuh.gpg
gpg: keyring '/usr/share/keyrings/wazuh.gpg' created
gpg: directory '/root/.gnupg' created
gpg: /root/.gnupg/trustdb.gpg: trustdb created
gpg: key 96B3EE5F29111145: public key "Wazuh.com (Wazuh Signing Key) <support@wazuh.com>" imported
gpg: Total number processed: 1
gpg:               imported: 1
root@ubuntu2204:~# echo "deb [signed-by=/usr/share/keyrings/wazuh.gpg] https://packages-dev.wazuh.com/pre-release/apt/ unstable main
" | tee -a /etc/apt/sources.list.d/wazuh.list
deb [signed-by=/usr/share/keyrings/wazuh.gpg] https://packages.wazuh.com/pre-release/apt/ unstable main
root@ubuntu2204:~# apt-get update
Hit:1 https://mirrors.edge.kernel.org/ubuntu jammy InRelease
Get:2 https://mirrors.edge.kernel.org/ubuntu jammy-updates InRelease [114 kB]
Get:3 https://mirrors.edge.kernel.org/ubuntu jammy-backports InRelease [99.8 kB]
Get:4 https://mirrors.edge.kernel.org/ubuntu jammy-security InRelease [110 kB]
Get:5 https://mirrors.edge.kernel.org/ubuntu jammy-updates/main amd64 Packages [753 kB]
Get:6 https://mirrors.edge.kernel.org/ubuntu jammy-updates/main Translation-en [169 kB]
Get:7 https://mirrors.edge.kernel.org/ubuntu jammy-updates/main amd64 c-n-f Metadata [11.3 kB]
Get:8 https://mirrors.edge.kernel.org/ubuntu jammy-updates/restricted amd64 Packages [475 kB]
Get:9 https://mirrors.edge.kernel.org/ubuntu jammy-updates/restricted Translation-en [72.7 kB]
Get:10 https://mirrors.edge.kernel.org/ubuntu jammy-updates/universe amd64 Packages [761 kB]
Get:11 https://mirrors.edge.kernel.org/ubuntu jammy-updates/universe Translation-en [128 kB]
Get:12 https://mirrors.edge.kernel.org/ubuntu jammy-updates/universe amd64 c-n-f Metadata [14.0 kB]
Get:13 https://mirrors.edge.kernel.org/ubuntu jammy-updates/multiverse amd64 c-n-f Metadata [420 B]
Get:14 https://mirrors.edge.kernel.org/ubuntu jammy-backports/universe amd64 Packages [6,736 B]
Get:15 https://mirrors.edge.kernel.org/ubuntu jammy-backports/universe Translation-en [9,460 B]
Get:16 https://mirrors.edge.kernel.org/ubuntu jammy-backports/universe amd64 c-n-f Metadata [348 B]
Get:17 https://mirrors.edge.kernel.org/ubuntu jammy-security/main amd64 Packages [520 kB]
Get:18 https://mirrors.edge.kernel.org/ubuntu jammy-security/main Translation-en [112 kB]
Get:19 https://mirrors.edge.kernel.org/ubuntu jammy-security/main amd64 c-n-f Metadata [7,200 B]
Get:20 https://mirrors.edge.kernel.org/ubuntu jammy-security/restricted amd64 Packages [438 kB]
Get:21 https://mirrors.edge.kernel.org/ubuntu jammy-security/restricted Translation-en [67.3 kB]
Get:22 https://mirrors.edge.kernel.org/ubuntu jammy-security/restricted amd64 c-n-f Metadata [584 B]
Get:23 https://mirrors.edge.kernel.org/ubuntu jammy-security/universe amd64 Packages [622 kB]
Get:24 https://mirrors.edge.kernel.org/ubuntu jammy-security/universe Translation-en [81.5 kB]
Get:25 https://mirrors.edge.kernel.org/ubuntu jammy-security/universe amd64 c-n-f Metadata [11.0 kB]
Get:26 https://mirrors.edge.kernel.org/ubuntu jammy-security/multiverse amd64 c-n-f Metadata [228 B]
Get:27 https://packages-dev.wazuh.com/pre-release/apt unstable InRelease [17.3 kB]
Get:28 https://packages-dev.wazuh.com/pre-release/apt unstable/main amd64 Packages [26.6 kB]
Fetched 43.9 kB in 2s (21.6 kB/s)
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
22 packages can be upgraded. Run 'apt list --upgradable' to see them.
root@ubuntu2204:~# apt-get -y install wazuh-manager
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Suggested packages:
  expect
The following NEW packages will be installed:
  wazuh-manager
0 upgraded, 1 newly installed, 0 to remove and 22 not upgraded.
Need to get 122 MB of archives.
After this operation, 467 MB of additional disk space will be used.
Get:1 https://packages-dev.wazuh.com/pre-release/apt unstable/main amd64 wazuh-manager amd64 4.4.0-1 [122 MB]
Fetched 122 MB in 7s (17.7 MB/s)
Selecting previously unselected package wazuh-manager.
(Reading database ... 75390 files and directories currently installed.)
Preparing to unpack .../wazuh-manager_4.4.0-1_amd64.deb ...
Unpacking wazuh-manager (4.4.0-1) ...
Setting up wazuh-manager (4.4.0-1) ...
Scanning processes...
Scanning linux images...

Running kernel seems to be up-to-date.

No services need to be restarted.

No containers need to be restarted.

No user sessions are running outdated binaries.

No VM guests are running outdated hypervisor (qemu) binaries on this host.
root@ubuntu2204:~# systemctl daemon-reload
root@ubuntu2204:~# systemctl enable wazuh-manager
Synchronizing state of wazuh-manager.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install enable wazuh-manager
Created symlink /etc/systemd/system/multi-user.target.wants/wazuh-manager.service → /lib/systemd/system/wazuh-manager.service.
root@ubuntu2204:~# systemctl start wazuh-manager
root@ubuntu2204:~# systemctl status wazuh-manager
● wazuh-manager.service - Wazuh manager
     Loaded: loaded (/lib/systemd/system/wazuh-manager.service; enabled; vendor preset: enabled)
     Active: active (running) since Thu 2022-12-01 22:26:01 UTC; 5s ago
    Process: 41936 ExecStart=/usr/bin/env /var/ossec/bin/wazuh-control start (code=exited, status=0/SUCCESS)
      Tasks: 173 (limit: 9405)
     Memory: 496.9M
        CPU: 12.406s
     CGroup: /system.slice/wazuh-manager.service
             ├─41992 /var/ossec/framework/python/bin/python3 /var/ossec/api/scripts/wazuh-apid.py
             ├─42031 /var/ossec/bin/wazuh-authd
             ├─42047 /var/ossec/bin/wazuh-db
             ├─42071 /var/ossec/bin/wazuh-execd
             ├─42075 /var/ossec/framework/python/bin/python3 /var/ossec/api/scripts/wazuh-apid.py
             ├─42078 /var/ossec/framework/python/bin/python3 /var/ossec/api/scripts/wazuh-apid.py
             ├─42091 /var/ossec/bin/wazuh-analysisd
             ├─42188 /var/ossec/bin/wazuh-syscheckd
             ├─42204 /var/ossec/bin/wazuh-remoted
             ├─42215 /var/ossec/bin/wazuh-logcollector
             ├─42225 /var/ossec/bin/wazuh-monitord
             └─42247 /var/ossec/bin/wazuh-modulesd

Dec 01 22:25:53 wazuh-1 env[41936]: Started wazuh-db...
Dec 01 22:25:54 wazuh-1 env[41936]: Started wazuh-execd...
Dec 01 22:25:55 wazuh-1 env[41936]: Started wazuh-analysisd...
Dec 01 22:25:56 wazuh-1 env[41936]: Started wazuh-syscheckd...
Dec 01 22:25:57 wazuh-1 env[41936]: Started wazuh-remoted...
Dec 01 22:25:57 wazuh-1 env[41936]: Started wazuh-logcollector...
Dec 01 22:25:58 wazuh-1 env[41936]: Started wazuh-monitord...
Dec 01 22:25:59 wazuh-1 env[41936]: Started wazuh-modulesd...
Dec 01 22:26:01 wazuh-1 env[41936]: Completed.
Dec 01 22:26:01 wazuh-1 systemd[1]: Started Wazuh manager.
Installing Filebeat 🟢 
root@ubuntu2204:~# apt-get -y install filebeat
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following NEW packages will be installed:
  filebeat
0 upgraded, 1 newly installed, 0 to remove and 22 not upgraded.
Need to get 22.1 MB of archives.
After this operation, 73.6 MB of additional disk space will be used.
Get:1 https://packages-dev.wazuh.com/pre-release/apt unstable/main amd64 filebeat amd64 7.10.2 [22.1 MB]
Fetched 22.1 MB in 3s (7,550 kB/s)
Selecting previously unselected package filebeat.
(Reading database ... 94125 files and directories currently installed.)
Preparing to unpack .../filebeat_7.10.2_amd64.deb ...
Unpacking filebeat (7.10.2) ...
Setting up filebeat (7.10.2) ...
Scanning processes...
Scanning linux images...

Running kernel seems to be up-to-date.

No services need to be restarted.

No containers need to be restarted.

No user sessions are running outdated binaries.

No VM guests are running outdated hypervisor (qemu) binaries on this host.
root@ubuntu2204:~# curl -so /etc/filebeat/filebeat.yml https://packages-dev.wazuh.com/4.4/tpl/wazuh/filebeat/filebeat.yml
root@ubuntu2204:~# vim /etc/filebeat/filebeat.yml
root@ubuntu2204:~# filebeat keystore create
Created filebeat keystore
root@ubuntu2204:~# echo admin | filebeat keystore add username --stdin --force
Successfully updated the keystore
root@ubuntu2204:~# echo admin | filebeat keystore add password --stdin --force
Successfully updated the keystore
root@ubuntu2204:~# curl -so /etc/filebeat/wazuh-template.json https://raw.githubusercontent.com/wazuh/wazuh/4.4/extensions/elasticsearch/7.x/wazuh-template.json
root@ubuntu2204:~# chmod go+r /etc/filebeat/wazuh-template.json
root@ubuntu2204:~# curl -s https://packages-dev.wazuh.com/4.x/filebeat/wazuh-filebeat-0.2.tar.gz | tar -xvz -C /usr/share/filebeat/module
wazuh/alerts/
wazuh/alerts/config/
wazuh/alerts/config/alerts.yml
wazuh/alerts/manifest.yml
wazuh/alerts/ingest/
wazuh/alerts/ingest/pipeline.json
wazuh/archives/
wazuh/archives/config/
wazuh/archives/config/archives.yml
wazuh/archives/manifest.yml
wazuh/archives/ingest/
wazuh/archives/ingest/pipeline.json
wazuh/module.yml
root@ubuntu2204:~# NODE_NAME=wazuh-1
root@ubuntu2204:~# mkdir /etc/filebeat/certs
root@ubuntu2204:~# ls
snap  truncate
root@ubuntu2204:~# cp /home/vagrant/
.bash_history  .bash_logout   .bashrc        .cache/        .profile       server         .ssh/          .vimrc
root@ubuntu2204:~# cp /tmp/wa^C
root@ubuntu2204:~# ls /tmp/
snap.lxd
snap-private-tmp
systemd-private-0b9fd002e3c948beadba09d14fa26e3f-fwupd.service-TMJpHC
systemd-private-0b9fd002e3c948beadba09d14fa26e3f-ModemManager.service-1Uuooi
systemd-private-0b9fd002e3c948beadba09d14fa26e3f-systemd-logind.service-9cEbgb
systemd-private-0b9fd002e3c948beadba09d14fa26e3f-systemd-resolved.service-m4bg4A
systemd-private-0b9fd002e3c948beadba09d14fa26e3f-systemd-timesyncd.service-fEXQPQ
systemd-private-0b9fd002e3c948beadba09d14fa26e3f-upower.service-he6CtD
root@ubuntu2204:~# ls
snap  truncate
root@ubuntu2204:~# ls /home/vagrant/
server
root@ubuntu2204:~# ls /home/vagrant/server
/home/vagrant/server
root@ubuntu2204:~# file /home/vagrant/server
/home/vagrant/server: POSIX tar archive (GNU)
root@ubuntu2204:~# mv mkdir /etc/filebeat/certs wazuh-certificates.tar
mv: target 'wazuh-certificates.tar' is not a directory
root@ubuntu2204:~# mv ^Ceat/certs wazuh-certificates.tar
root@ubuntu2204:~# mv /home/vagrant/server wazuh-certificates.tar
root@ubuntu2204:~# tar -xf ./wazuh-certificates.tar -C /etc/filebeat/certs/ ./$NODE_NAME.pem ./$NODE_NAME-key.pem ./root-ca.pem
root@ubuntu2204:~# mv -n /etc/filebeat/certs/$NODE_NAME.pem /etc/filebeat/certs/filebeat.pem
root@ubuntu2204:~# mv -n /etc/filebeat/certs/$NODE_NAME-key.pem /etc/filebeat/certs/filebeat-key.pem
root@ubuntu2204:~# chmod 500 /etc/filebeat/certs
root@ubuntu2204:~# chmod 400 /etc/filebeat/certs/*
root@ubuntu2204:~# chown -R root:root /etc/filebeat/certs
root@ubuntu2204:~# systemctl daemon-reload
root@ubuntu2204:~# systemctl enable filebeat
Synchronizing state of filebeat.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install enable filebeat
Created symlink /etc/systemd/system/multi-user.target.wants/filebeat.service → /lib/systemd/system/filebeat.service.
root@ubuntu2204:~# systemctl start filebeat
root@ubuntu2204:~# filebeat test output
elasticsearch: https://172.21.231.190:9200...
  parse url... OK
  connection...
    parse host... OK
    dns lookup... OK
    addresses: 172.21.231.190
    dial up... OK
  TLS...
    security: server's certificate chain verification is enabled
    handshake... OK
    TLS version: TLSv1.3
    dial up... OK
  talk to server... OK
  version: 7.10.2
Wazuh dashboard installation 🟢 
root@ubuntu2204:~# apt-get install debhelper tar curl libcap2-bin #debhelper version 9 or later
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
libcap2-bin is already the newest version (1:2.44-1build3).
libcap2-bin set to manually installed.
tar is already the newest version (1.34+dfsg-1build3).
tar set to manually installed.
curl is already the newest version (7.81.0-1ubuntu1.6).
The following additional packages will be installed:
  autoconf automake autopoint autotools-dev build-essential bzip2 cpp cpp-11 debugedit dh-autoreconf dh-strip-nondeterminism
  dpkg-dev dwz fakeroot fontconfig-config fonts-dejavu-core g++ g++-11 gcc gcc-11 gcc-11-base gettext intltool-debian
  libalgorithm-diff-perl libalgorithm-diff-xs-perl libalgorithm-merge-perl libarchive-cpio-perl libarchive-zip-perl libasan6
  libatomic1 libc-dev-bin libc-devtools libc6-dev libcc1-0 libcrypt-dev libdebhelper-perl libdeflate0 libdpkg-perl libfakeroot
  libfile-fcntllock-perl libfile-stripnondeterminism-perl libfontconfig1 libgcc-11-dev libgd3 libgomp1 libisl23 libitm1
  libjbig0 libjpeg-turbo8 libjpeg8 liblsan0 libltdl-dev libltdl7 libmail-sendmail-perl libmpc3 libnsl-dev libquadmath0
  libstdc++-11-dev libsub-override-perl libsys-hostname-long-perl libtiff5 libtirpc-dev libtool libtsan0 libubsan1 libwebp7
  libxpm4 linux-libc-dev lto-disabled-list m4 make manpages-dev po-debconf rpcsvc-proto
Suggested packages:
  autoconf-archive gnu-standards autoconf-doc bzip2-doc cpp-doc gcc-11-locales dh-make debian-keyring g++-multilib
  g++-11-multilib gcc-11-doc gcc-multilib flex bison gdb gcc-doc gcc-11-multilib gettext-doc libasprintf-dev libgettextpo-dev
  glibc-doc bzr libgd-tools libtool-doc libstdc++-11-doc gfortran | fortran95-compiler gcj-jdk m4-doc make-doc
  libmail-box-perl
The following NEW packages will be installed:
  autoconf automake autopoint autotools-dev build-essential bzip2 cpp cpp-11 debhelper debugedit dh-autoreconf
  dh-strip-nondeterminism dpkg-dev dwz fakeroot fontconfig-config fonts-dejavu-core g++ g++-11 gcc gcc-11 gcc-11-base gettext
  intltool-debian libalgorithm-diff-perl libalgorithm-diff-xs-perl libalgorithm-merge-perl libarchive-cpio-perl
  libarchive-zip-perl libasan6 libatomic1 libc-dev-bin libc-devtools libc6-dev libcc1-0 libcrypt-dev libdebhelper-perl
  libdeflate0 libdpkg-perl libfakeroot libfile-fcntllock-perl libfile-stripnondeterminism-perl libfontconfig1 libgcc-11-dev
  libgd3 libgomp1 libisl23 libitm1 libjbig0 libjpeg-turbo8 libjpeg8 liblsan0 libltdl-dev libltdl7 libmail-sendmail-perl
  libmpc3 libnsl-dev libquadmath0 libstdc++-11-dev libsub-override-perl libsys-hostname-long-perl libtiff5 libtirpc-dev
  libtool libtsan0 libubsan1 libwebp7 libxpm4 linux-libc-dev lto-disabled-list m4 make manpages-dev po-debconf rpcsvc-proto
0 upgraded, 75 newly installed, 0 to remove and 0 not upgraded.
Need to get 68.1 MB of archives.
After this operation, 220 MB of additional disk space will be used.
Do you want to continue? [Y/n]
Get:1 https://mirrors.edge.kernel.org/ubuntu jammy/main amd64 m4 amd64 1.4.18-5ubuntu2 [199 kB]
Get:2 https://mirrors.edge.kernel.org/ubuntu jammy/main amd64 autoconf all 2.71-2 [338 kB]
Get:3 https://mirrors.edge.kernel.org/ubuntu jammy/main amd64 autotools-dev all 20220109.1 [44.9 kB]
Get:4 https://mirrors.edge.kernel.org/ubuntu jammy/main amd64 automake all 1:1.16.5-1.3 [558 kB]
Get:5 https://mirrors.edge.kernel.org/ubuntu jammy/main amd64 autopoint all 0.21-4ubuntu4 [422 kB]
Get:6 https://mirrors.edge.kernel.org/ubuntu jammy-updates/main amd64 libc-dev-bin amd64 2.35-0ubuntu3.1 [20.4 kB]
Get:7 https://mirrors.edge.kernel.org/ubuntu jammy-updates/main amd64 linux-libc-dev amd64 5.15.0-53.59 [1,344 kB]
Get:8 https://mirrors.edge.kernel.org/ubuntu jammy/main amd64 libcrypt-dev amd64 1:4.4.27-1 [112 kB]
Get:9 https://mirrors.edge.kernel.org/ubuntu jammy/main amd64 rpcsvc-proto amd64 1.4.2-0ubuntu6 [68.5 kB]
Get:10 https://mirrors.edge.kernel.org/ubuntu jammy-updates/main amd64 libtirpc-dev amd64 1.3.2-2ubuntu0.1 [192 kB]
Get:11 https://mirrors.edge.kernel.org/ubuntu jammy/main amd64 libnsl-dev amd64 1.3.0-2build2 [71.3 kB]
Get:12 https://mirrors.edge.kernel.org/ubuntu jammy-updates/main amd64 libc6-dev amd64 2.35-0ubuntu3.1 [2,099 kB]
Get:13 https://mirrors.edge.kernel.org/ubuntu jammy-updates/main amd64 gcc-11-base amd64 11.3.0-1ubuntu1~22.04 [20.8 kB]
Get:14 https://mirrors.edge.kernel.org/ubuntu jammy/main amd64 libisl23 amd64 0.24-2build1 [727 kB]
Get:15 https://mirrors.edge.kernel.org/ubuntu jammy/main amd64 libmpc3 amd64 1.2.1-2build1 [46.9 kB]
Get:16 https://mirrors.edge.kernel.org/ubuntu jammy-updates/main amd64 cpp-11 amd64 11.3.0-1ubuntu1~22.04 [9,967 kB]
Get:17 https://mirrors.edge.kernel.org/ubuntu jammy/main amd64 cpp amd64 4:11.2.0-1ubuntu1 [27.7 kB]
Get:18 https://mirrors.edge.kernel.org/ubuntu jammy-updates/main amd64 libcc1-0 amd64 12.1.0-2ubuntu1~22.04 [47.4 kB]
Get:19 https://mirrors.edge.kernel.org/ubuntu jammy-updates/main amd64 libgomp1 amd64 12.1.0-2ubuntu1~22.04 [126 kB]
Get:20 https://mirrors.edge.kernel.org/ubuntu jammy-updates/main amd64 libitm1 amd64 12.1.0-2ubuntu1~22.04 [30.2 kB]
Get:21 https://mirrors.edge.kernel.org/ubuntu jammy-updates/main amd64 libatomic1 amd64 12.1.0-2ubuntu1~22.04 [10.4 kB]
Get:22 https://mirrors.edge.kernel.org/ubuntu jammy-updates/main amd64 libasan6 amd64 11.3.0-1ubuntu1~22.04 [2,284 kB]
Get:23 https://mirrors.edge.kernel.org/ubuntu jammy-updates/main amd64 liblsan0 amd64 12.1.0-2ubuntu1~22.04 [1,069 kB]
Get:24 https://mirrors.edge.kernel.org/ubuntu jammy-updates/main amd64 libtsan0 amd64 11.3.0-1ubuntu1~22.04 [2,262 kB]
Get:25 https://mirrors.edge.kernel.org/ubuntu jammy-updates/main amd64 libubsan1 amd64 12.1.0-2ubuntu1~22.04 [976 kB]
Get:26 https://mirrors.edge.kernel.org/ubuntu jammy-updates/main amd64 libquadmath0 amd64 12.1.0-2ubuntu1~22.04 [154 kB]
Get:27 https://mirrors.edge.kernel.org/ubuntu jammy-updates/main amd64 libgcc-11-dev amd64 11.3.0-1ubuntu1~22.04 [2,517 kB]
Get:28 https://mirrors.edge.kernel.org/ubuntu jammy-updates/main amd64 gcc-11 amd64 11.3.0-1ubuntu1~22.04 [20.1 MB]
Get:29 https://mirrors.edge.kernel.org/ubuntu jammy/main amd64 gcc amd64 4:11.2.0-1ubuntu1 [5,112 B]
Get:30 https://mirrors.edge.kernel.org/ubuntu jammy-updates/main amd64 libstdc++-11-dev amd64 11.3.0-1ubuntu1~22.04 [2,087 kB]
Get:31 https://mirrors.edge.kernel.org/ubuntu jammy-updates/main amd64 g++-11 amd64 11.3.0-1ubuntu1~22.04 [11.4 MB]
Get:32 https://mirrors.edge.kernel.org/ubuntu jammy/main amd64 g++ amd64 4:11.2.0-1ubuntu1 [1,412 B]
Get:33 https://mirrors.edge.kernel.org/ubuntu jammy/main amd64 make amd64 4.3-4.1build1 [180 kB]
Get:34 https://mirrors.edge.kernel.org/ubuntu jammy-updates/main amd64 libdpkg-perl all 1.21.1ubuntu2.1 [237 kB]
Get:35 https://mirrors.edge.kernel.org/ubuntu jammy/main amd64 bzip2 amd64 1.0.8-5build1 [34.8 kB]
Get:36 https://mirrors.edge.kernel.org/ubuntu jammy/main amd64 lto-disabled-list all 24 [12.5 kB]
Get:37 https://mirrors.edge.kernel.org/ubuntu jammy-updates/main amd64 dpkg-dev all 1.21.1ubuntu2.1 [922 kB]
Get:38 https://mirrors.edge.kernel.org/ubuntu jammy/main amd64 build-essential amd64 12.9ubuntu3 [4,744 B]
Get:39 https://mirrors.edge.kernel.org/ubuntu jammy/main amd64 libdebhelper-perl all 13.6ubuntu1 [67.2 kB]
Get:40 https://mirrors.edge.kernel.org/ubuntu jammy/main amd64 libtool all 2.4.6-15build2 [164 kB]
Get:41 https://mirrors.edge.kernel.org/ubuntu jammy/main amd64 dh-autoreconf all 20 [16.1 kB]
Get:42 https://mirrors.edge.kernel.org/ubuntu jammy/main amd64 libarchive-zip-perl all 1.68-1 [90.2 kB]
Get:43 https://mirrors.edge.kernel.org/ubuntu jammy/main amd64 libsub-override-perl all 0.09-2 [9,532 B]
Get:44 https://mirrors.edge.kernel.org/ubuntu jammy/main amd64 libfile-stripnondeterminism-perl all 1.13.0-1 [18.1 kB]
Get:45 https://mirrors.edge.kernel.org/ubuntu jammy/main amd64 dh-strip-nondeterminism all 1.13.0-1 [5,344 B]
Get:46 https://mirrors.edge.kernel.org/ubuntu jammy/main amd64 debugedit amd64 1:5.0-4build1 [47.2 kB]
Get:47 https://mirrors.edge.kernel.org/ubuntu jammy/main amd64 dwz amd64 0.14-1build2 [105 kB]
Get:48 https://mirrors.edge.kernel.org/ubuntu jammy/main amd64 gettext amd64 0.21-4ubuntu4 [868 kB]
Get:49 https://mirrors.edge.kernel.org/ubuntu jammy/main amd64 intltool-debian all 0.35.0+20060710.5 [24.9 kB]
Get:50 https://mirrors.edge.kernel.org/ubuntu jammy/main amd64 po-debconf all 1.0.21+nmu1 [233 kB]
Get:51 https://mirrors.edge.kernel.org/ubuntu jammy/main amd64 debhelper all 13.6ubuntu1 [923 kB]
Get:52 https://mirrors.edge.kernel.org/ubuntu jammy/main amd64 libfakeroot amd64 1.28-1ubuntu1 [31.5 kB]
Get:53 https://mirrors.edge.kernel.org/ubuntu jammy/main amd64 fakeroot amd64 1.28-1ubuntu1 [60.4 kB]
Get:54 https://mirrors.edge.kernel.org/ubuntu jammy/main amd64 fonts-dejavu-core all 2.37-2build1 [1,041 kB]
Get:55 https://mirrors.edge.kernel.org/ubuntu jammy/main amd64 fontconfig-config all 2.13.1-4.2ubuntu5 [29.1 kB]
Get:56 https://mirrors.edge.kernel.org/ubuntu jammy/main amd64 libalgorithm-diff-perl all 1.201-1 [41.8 kB]
Get:57 https://mirrors.edge.kernel.org/ubuntu jammy/main amd64 libalgorithm-diff-xs-perl amd64 0.04-6build3 [11.9 kB]
Get:58 https://mirrors.edge.kernel.org/ubuntu jammy/main amd64 libalgorithm-merge-perl all 0.08-3 [12.0 kB]
Get:59 https://mirrors.edge.kernel.org/ubuntu jammy/main amd64 libarchive-cpio-perl all 0.10-1.1 [9,928 B]
Get:60 https://mirrors.edge.kernel.org/ubuntu jammy/main amd64 libfontconfig1 amd64 2.13.1-4.2ubuntu5 [131 kB]
Get:61 https://mirrors.edge.kernel.org/ubuntu jammy/main amd64 libjpeg-turbo8 amd64 2.1.2-0ubuntu1 [134 kB]
Get:62 https://mirrors.edge.kernel.org/ubuntu jammy/main amd64 libjpeg8 amd64 8c-2ubuntu10 [2,264 B]
Get:63 https://mirrors.edge.kernel.org/ubuntu jammy/main amd64 libdeflate0 amd64 1.10-2 [70.9 kB]
Get:64 https://mirrors.edge.kernel.org/ubuntu jammy/main amd64 libjbig0 amd64 2.1-3.1build3 [28.9 kB]
Get:65 https://mirrors.edge.kernel.org/ubuntu jammy/main amd64 libwebp7 amd64 1.2.2-2 [206 kB]
Get:66 https://mirrors.edge.kernel.org/ubuntu jammy-updates/main amd64 libtiff5 amd64 4.3.0-6ubuntu0.2 [184 kB]
Get:67 https://mirrors.edge.kernel.org/ubuntu jammy/main amd64 libxpm4 amd64 1:3.5.12-1build2 [36.2 kB]
Get:68 https://mirrors.edge.kernel.org/ubuntu jammy/main amd64 libgd3 amd64 2.3.0-2ubuntu2 [129 kB]
Get:69 https://mirrors.edge.kernel.org/ubuntu jammy-updates/main amd64 libc-devtools amd64 2.35-0ubuntu3.1 [28.9 kB]
Get:70 https://mirrors.edge.kernel.org/ubuntu jammy/main amd64 libfile-fcntllock-perl amd64 0.22-3build7 [33.9 kB]
Get:71 https://mirrors.edge.kernel.org/ubuntu jammy/main amd64 libltdl7 amd64 2.4.6-15build2 [39.6 kB]
Get:72 https://mirrors.edge.kernel.org/ubuntu jammy/main amd64 libltdl-dev amd64 2.4.6-15build2 [169 kB]
Get:73 https://mirrors.edge.kernel.org/ubuntu jammy/main amd64 libsys-hostname-long-perl all 1.5-2 [11.5 kB]
Get:74 https://mirrors.edge.kernel.org/ubuntu jammy/main amd64 libmail-sendmail-perl all 0.80-1.1 [22.7 kB]
Get:75 https://mirrors.edge.kernel.org/ubuntu jammy/main amd64 manpages-dev all 5.10-1ubuntu1 [2,309 kB]
Fetched 68.1 MB in 2s (29.1 MB/s)
Extracting templates from packages: 100%
Selecting previously unselected package m4.
(Reading database ... 75386 files and directories currently installed.)
Preparing to unpack .../00-m4_1.4.18-5ubuntu2_amd64.deb ...
Unpacking m4 (1.4.18-5ubuntu2) ...
Selecting previously unselected package autoconf.
Preparing to unpack .../01-autoconf_2.71-2_all.deb ...
Unpacking autoconf (2.71-2) ...
Selecting previously unselected package autotools-dev.
Preparing to unpack .../02-autotools-dev_20220109.1_all.deb ...
Unpacking autotools-dev (20220109.1) ...
Selecting previously unselected package automake.
Preparing to unpack .../03-automake_1%3a1.16.5-1.3_all.deb ...
Unpacking automake (1:1.16.5-1.3) ...
Selecting previously unselected package autopoint.
Preparing to unpack .../04-autopoint_0.21-4ubuntu4_all.deb ...
Unpacking autopoint (0.21-4ubuntu4) ...
Selecting previously unselected package libc-dev-bin.
Preparing to unpack .../05-libc-dev-bin_2.35-0ubuntu3.1_amd64.deb ...
Unpacking libc-dev-bin (2.35-0ubuntu3.1) ...
Selecting previously unselected package linux-libc-dev:amd64.
Preparing to unpack .../06-linux-libc-dev_5.15.0-53.59_amd64.deb ...
Unpacking linux-libc-dev:amd64 (5.15.0-53.59) ...
Selecting previously unselected package libcrypt-dev:amd64.
Preparing to unpack .../07-libcrypt-dev_1%3a4.4.27-1_amd64.deb ...
Unpacking libcrypt-dev:amd64 (1:4.4.27-1) ...
Selecting previously unselected package rpcsvc-proto.
Preparing to unpack .../08-rpcsvc-proto_1.4.2-0ubuntu6_amd64.deb ...
Unpacking rpcsvc-proto (1.4.2-0ubuntu6) ...
Selecting previously unselected package libtirpc-dev:amd64.
Preparing to unpack .../09-libtirpc-dev_1.3.2-2ubuntu0.1_amd64.deb ...
Unpacking libtirpc-dev:amd64 (1.3.2-2ubuntu0.1) ...
Selecting previously unselected package libnsl-dev:amd64.
Preparing to unpack .../10-libnsl-dev_1.3.0-2build2_amd64.deb ...
Unpacking libnsl-dev:amd64 (1.3.0-2build2) ...
Selecting previously unselected package libc6-dev:amd64.
Preparing to unpack .../11-libc6-dev_2.35-0ubuntu3.1_amd64.deb ...
Unpacking libc6-dev:amd64 (2.35-0ubuntu3.1) ...
Selecting previously unselected package gcc-11-base:amd64.
Preparing to unpack .../12-gcc-11-base_11.3.0-1ubuntu1~22.04_amd64.deb ...
Unpacking gcc-11-base:amd64 (11.3.0-1ubuntu1~22.04) ...
Selecting previously unselected package libisl23:amd64.
Preparing to unpack .../13-libisl23_0.24-2build1_amd64.deb ...
Unpacking libisl23:amd64 (0.24-2build1) ...
Selecting previously unselected package libmpc3:amd64.
Preparing to unpack .../14-libmpc3_1.2.1-2build1_amd64.deb ...
Unpacking libmpc3:amd64 (1.2.1-2build1) ...
Selecting previously unselected package cpp-11.
Preparing to unpack .../15-cpp-11_11.3.0-1ubuntu1~22.04_amd64.deb ...
Unpacking cpp-11 (11.3.0-1ubuntu1~22.04) ...
Selecting previously unselected package cpp.
Preparing to unpack .../16-cpp_4%3a11.2.0-1ubuntu1_amd64.deb ...
Unpacking cpp (4:11.2.0-1ubuntu1) ...
Selecting previously unselected package libcc1-0:amd64.
Preparing to unpack .../17-libcc1-0_12.1.0-2ubuntu1~22.04_amd64.deb ...
Unpacking libcc1-0:amd64 (12.1.0-2ubuntu1~22.04) ...
Selecting previously unselected package libgomp1:amd64.
Preparing to unpack .../18-libgomp1_12.1.0-2ubuntu1~22.04_amd64.deb ...
Unpacking libgomp1:amd64 (12.1.0-2ubuntu1~22.04) ...
Selecting previously unselected package libitm1:amd64.
Preparing to unpack .../19-libitm1_12.1.0-2ubuntu1~22.04_amd64.deb ...
Unpacking libitm1:amd64 (12.1.0-2ubuntu1~22.04) ...
Selecting previously unselected package libatomic1:amd64.
Preparing to unpack .../20-libatomic1_12.1.0-2ubuntu1~22.04_amd64.deb ...
Unpacking libatomic1:amd64 (12.1.0-2ubuntu1~22.04) ...
Selecting previously unselected package libasan6:amd64.
Preparing to unpack .../21-libasan6_11.3.0-1ubuntu1~22.04_amd64.deb ...
Unpacking libasan6:amd64 (11.3.0-1ubuntu1~22.04) ...
Selecting previously unselected package liblsan0:amd64.
Preparing to unpack .../22-liblsan0_12.1.0-2ubuntu1~22.04_amd64.deb ...
Unpacking liblsan0:amd64 (12.1.0-2ubuntu1~22.04) ...
Selecting previously unselected package libtsan0:amd64.
Preparing to unpack .../23-libtsan0_11.3.0-1ubuntu1~22.04_amd64.deb ...
Unpacking libtsan0:amd64 (11.3.0-1ubuntu1~22.04) ...
Selecting previously unselected package libubsan1:amd64.
Preparing to unpack .../24-libubsan1_12.1.0-2ubuntu1~22.04_amd64.deb ...
Unpacking libubsan1:amd64 (12.1.0-2ubuntu1~22.04) ...
Selecting previously unselected package libquadmath0:amd64.
Preparing to unpack .../25-libquadmath0_12.1.0-2ubuntu1~22.04_amd64.deb ...
Unpacking libquadmath0:amd64 (12.1.0-2ubuntu1~22.04) ...
Selecting previously unselected package libgcc-11-dev:amd64.
Preparing to unpack .../26-libgcc-11-dev_11.3.0-1ubuntu1~22.04_amd64.deb ...
Unpacking libgcc-11-dev:amd64 (11.3.0-1ubuntu1~22.04) ...
Selecting previously unselected package gcc-11.
Preparing to unpack .../27-gcc-11_11.3.0-1ubuntu1~22.04_amd64.deb ...
Unpacking gcc-11 (11.3.0-1ubuntu1~22.04) ...
Selecting previously unselected package gcc.
Preparing to unpack .../28-gcc_4%3a11.2.0-1ubuntu1_amd64.deb ...
Unpacking gcc (4:11.2.0-1ubuntu1) ...
Selecting previously unselected package libstdc++-11-dev:amd64.
Preparing to unpack .../29-libstdc++-11-dev_11.3.0-1ubuntu1~22.04_amd64.deb ...
Unpacking libstdc++-11-dev:amd64 (11.3.0-1ubuntu1~22.04) ...
Selecting previously unselected package g++-11.
Preparing to unpack .../30-g++-11_11.3.0-1ubuntu1~22.04_amd64.deb ...
Unpacking g++-11 (11.3.0-1ubuntu1~22.04) ...
Selecting previously unselected package g++.
Preparing to unpack .../31-g++_4%3a11.2.0-1ubuntu1_amd64.deb ...
Unpacking g++ (4:11.2.0-1ubuntu1) ...
Selecting previously unselected package make.
Preparing to unpack .../32-make_4.3-4.1build1_amd64.deb ...
Unpacking make (4.3-4.1build1) ...
Selecting previously unselected package libdpkg-perl.
Preparing to unpack .../33-libdpkg-perl_1.21.1ubuntu2.1_all.deb ...
Unpacking libdpkg-perl (1.21.1ubuntu2.1) ...
Selecting previously unselected package bzip2.
Preparing to unpack .../34-bzip2_1.0.8-5build1_amd64.deb ...
Unpacking bzip2 (1.0.8-5build1) ...
Selecting previously unselected package lto-disabled-list.
Preparing to unpack .../35-lto-disabled-list_24_all.deb ...
Unpacking lto-disabled-list (24) ...
Selecting previously unselected package dpkg-dev.
Preparing to unpack .../36-dpkg-dev_1.21.1ubuntu2.1_all.deb ...
Unpacking dpkg-dev (1.21.1ubuntu2.1) ...
Selecting previously unselected package build-essential.
Preparing to unpack .../37-build-essential_12.9ubuntu3_amd64.deb ...
Unpacking build-essential (12.9ubuntu3) ...
Selecting previously unselected package libdebhelper-perl.
Preparing to unpack .../38-libdebhelper-perl_13.6ubuntu1_all.deb ...
Unpacking libdebhelper-perl (13.6ubuntu1) ...
Selecting previously unselected package libtool.
Preparing to unpack .../39-libtool_2.4.6-15build2_all.deb ...
Unpacking libtool (2.4.6-15build2) ...
Selecting previously unselected package dh-autoreconf.
Preparing to unpack .../40-dh-autoreconf_20_all.deb ...
Unpacking dh-autoreconf (20) ...
Selecting previously unselected package libarchive-zip-perl.
Preparing to unpack .../41-libarchive-zip-perl_1.68-1_all.deb ...
Unpacking libarchive-zip-perl (1.68-1) ...
Selecting previously unselected package libsub-override-perl.
Preparing to unpack .../42-libsub-override-perl_0.09-2_all.deb ...
Unpacking libsub-override-perl (0.09-2) ...
Selecting previously unselected package libfile-stripnondeterminism-perl.
Preparing to unpack .../43-libfile-stripnondeterminism-perl_1.13.0-1_all.deb ...
Unpacking libfile-stripnondeterminism-perl (1.13.0-1) ...
Selecting previously unselected package dh-strip-nondeterminism.
Preparing to unpack .../44-dh-strip-nondeterminism_1.13.0-1_all.deb ...
Unpacking dh-strip-nondeterminism (1.13.0-1) ...
Selecting previously unselected package debugedit.
Preparing to unpack .../45-debugedit_1%3a5.0-4build1_amd64.deb ...
Unpacking debugedit (1:5.0-4build1) ...
Selecting previously unselected package dwz.
Preparing to unpack .../46-dwz_0.14-1build2_amd64.deb ...
Unpacking dwz (0.14-1build2) ...
Selecting previously unselected package gettext.
Preparing to unpack .../47-gettext_0.21-4ubuntu4_amd64.deb ...
Unpacking gettext (0.21-4ubuntu4) ...
Selecting previously unselected package intltool-debian.
Preparing to unpack .../48-intltool-debian_0.35.0+20060710.5_all.deb ...
Unpacking intltool-debian (0.35.0+20060710.5) ...
Selecting previously unselected package po-debconf.
Preparing to unpack .../49-po-debconf_1.0.21+nmu1_all.deb ...
Unpacking po-debconf (1.0.21+nmu1) ...
Selecting previously unselected package debhelper.
Preparing to unpack .../50-debhelper_13.6ubuntu1_all.deb ...
Unpacking debhelper (13.6ubuntu1) ...
Selecting previously unselected package libfakeroot:amd64.
Preparing to unpack .../51-libfakeroot_1.28-1ubuntu1_amd64.deb ...
Unpacking libfakeroot:amd64 (1.28-1ubuntu1) ...
Selecting previously unselected package fakeroot.
Preparing to unpack .../52-fakeroot_1.28-1ubuntu1_amd64.deb ...
Unpacking fakeroot (1.28-1ubuntu1) ...
Selecting previously unselected package fonts-dejavu-core.
Preparing to unpack .../53-fonts-dejavu-core_2.37-2build1_all.deb ...
Unpacking fonts-dejavu-core (2.37-2build1) ...
Selecting previously unselected package fontconfig-config.
Preparing to unpack .../54-fontconfig-config_2.13.1-4.2ubuntu5_all.deb ...
Unpacking fontconfig-config (2.13.1-4.2ubuntu5) ...
Selecting previously unselected package libalgorithm-diff-perl.
Preparing to unpack .../55-libalgorithm-diff-perl_1.201-1_all.deb ...
Unpacking libalgorithm-diff-perl (1.201-1) ...
Selecting previously unselected package libalgorithm-diff-xs-perl.
Preparing to unpack .../56-libalgorithm-diff-xs-perl_0.04-6build3_amd64.deb ...
Unpacking libalgorithm-diff-xs-perl (0.04-6build3) ...
Selecting previously unselected package libalgorithm-merge-perl.
Preparing to unpack .../57-libalgorithm-merge-perl_0.08-3_all.deb ...
Unpacking libalgorithm-merge-perl (0.08-3) ...
Selecting previously unselected package libarchive-cpio-perl.
Preparing to unpack .../58-libarchive-cpio-perl_0.10-1.1_all.deb ...
Unpacking libarchive-cpio-perl (0.10-1.1) ...
Selecting previously unselected package libfontconfig1:amd64.
Preparing to unpack .../59-libfontconfig1_2.13.1-4.2ubuntu5_amd64.deb ...
Unpacking libfontconfig1:amd64 (2.13.1-4.2ubuntu5) ...
Selecting previously unselected package libjpeg-turbo8:amd64.
Preparing to unpack .../60-libjpeg-turbo8_2.1.2-0ubuntu1_amd64.deb ...
Unpacking libjpeg-turbo8:amd64 (2.1.2-0ubuntu1) ...
Selecting previously unselected package libjpeg8:amd64.
Preparing to unpack .../61-libjpeg8_8c-2ubuntu10_amd64.deb ...
Unpacking libjpeg8:amd64 (8c-2ubuntu10) ...
Selecting previously unselected package libdeflate0:amd64.
Preparing to unpack .../62-libdeflate0_1.10-2_amd64.deb ...
Unpacking libdeflate0:amd64 (1.10-2) ...
Selecting previously unselected package libjbig0:amd64.
Preparing to unpack .../63-libjbig0_2.1-3.1build3_amd64.deb ...
Unpacking libjbig0:amd64 (2.1-3.1build3) ...
Selecting previously unselected package libwebp7:amd64.
Preparing to unpack .../64-libwebp7_1.2.2-2_amd64.deb ...
Unpacking libwebp7:amd64 (1.2.2-2) ...
Selecting previously unselected package libtiff5:amd64.
Preparing to unpack .../65-libtiff5_4.3.0-6ubuntu0.2_amd64.deb ...
Unpacking libtiff5:amd64 (4.3.0-6ubuntu0.2) ...
Selecting previously unselected package libxpm4:amd64.
Preparing to unpack .../66-libxpm4_1%3a3.5.12-1build2_amd64.deb ...
Unpacking libxpm4:amd64 (1:3.5.12-1build2) ...
Selecting previously unselected package libgd3:amd64.
Preparing to unpack .../67-libgd3_2.3.0-2ubuntu2_amd64.deb ...
Unpacking libgd3:amd64 (2.3.0-2ubuntu2) ...
Selecting previously unselected package libc-devtools.
Preparing to unpack .../68-libc-devtools_2.35-0ubuntu3.1_amd64.deb ...
Unpacking libc-devtools (2.35-0ubuntu3.1) ...
Selecting previously unselected package libfile-fcntllock-perl.
Preparing to unpack .../69-libfile-fcntllock-perl_0.22-3build7_amd64.deb ...
Unpacking libfile-fcntllock-perl (0.22-3build7) ...
Selecting previously unselected package libltdl7:amd64.
Preparing to unpack .../70-libltdl7_2.4.6-15build2_amd64.deb ...
Unpacking libltdl7:amd64 (2.4.6-15build2) ...
Selecting previously unselected package libltdl-dev:amd64.
Preparing to unpack .../71-libltdl-dev_2.4.6-15build2_amd64.deb ...
Unpacking libltdl-dev:amd64 (2.4.6-15build2) ...
Selecting previously unselected package libsys-hostname-long-perl.
Preparing to unpack .../72-libsys-hostname-long-perl_1.5-2_all.deb ...
Unpacking libsys-hostname-long-perl (1.5-2) ...
Selecting previously unselected package libmail-sendmail-perl.
Preparing to unpack .../73-libmail-sendmail-perl_0.80-1.1_all.deb ...
Unpacking libmail-sendmail-perl (0.80-1.1) ...
Selecting previously unselected package manpages-dev.
Preparing to unpack .../74-manpages-dev_5.10-1ubuntu1_all.deb ...
Unpacking manpages-dev (5.10-1ubuntu1) ...
Setting up gcc-11-base:amd64 (11.3.0-1ubuntu1~22.04) ...
Setting up manpages-dev (5.10-1ubuntu1) ...
Setting up lto-disabled-list (24) ...
Setting up libxpm4:amd64 (1:3.5.12-1build2) ...
Setting up libfile-fcntllock-perl (0.22-3build7) ...
Setting up libalgorithm-diff-perl (1.201-1) ...
Setting up libarchive-zip-perl (1.68-1) ...
Setting up libdebhelper-perl (13.6ubuntu1) ...
Setting up libdeflate0:amd64 (1.10-2) ...
Setting up linux-libc-dev:amd64 (5.15.0-53.59) ...
Setting up m4 (1.4.18-5ubuntu2) ...
Setting up libgomp1:amd64 (12.1.0-2ubuntu1~22.04) ...
Setting up bzip2 (1.0.8-5build1) ...
Setting up libjbig0:amd64 (2.1-3.1build3) ...
Setting up libfakeroot:amd64 (1.28-1ubuntu1) ...
Setting up libasan6:amd64 (11.3.0-1ubuntu1~22.04) ...
Setting up fakeroot (1.28-1ubuntu1) ...
update-alternatives: using /usr/bin/fakeroot-sysv to provide /usr/bin/fakeroot (fakeroot) in auto mode
Setting up autotools-dev (20220109.1) ...
Setting up libtirpc-dev:amd64 (1.3.2-2ubuntu0.1) ...
Setting up rpcsvc-proto (1.4.2-0ubuntu6) ...
Setting up make (4.3-4.1build1) ...
Setting up libquadmath0:amd64 (12.1.0-2ubuntu1~22.04) ...
Setting up libmpc3:amd64 (1.2.1-2build1) ...
Setting up libatomic1:amd64 (12.1.0-2ubuntu1~22.04) ...
Setting up autopoint (0.21-4ubuntu4) ...
Setting up fonts-dejavu-core (2.37-2build1) ...
Setting up libjpeg-turbo8:amd64 (2.1.2-0ubuntu1) ...
Setting up libltdl7:amd64 (2.4.6-15build2) ...
Setting up libdpkg-perl (1.21.1ubuntu2.1) ...
Setting up autoconf (2.71-2) ...
Setting up libwebp7:amd64 (1.2.2-2) ...
Setting up libubsan1:amd64 (12.1.0-2ubuntu1~22.04) ...
Setting up dwz (0.14-1build2) ...
Setting up libnsl-dev:amd64 (1.3.0-2build2) ...
Setting up libcrypt-dev:amd64 (1:4.4.27-1) ...
Setting up libarchive-cpio-perl (0.10-1.1) ...
Setting up debugedit (1:5.0-4build1) ...
Setting up libsub-override-perl (0.09-2) ...
Setting up libisl23:amd64 (0.24-2build1) ...
Setting up libc-dev-bin (2.35-0ubuntu3.1) ...
Setting up libsys-hostname-long-perl (1.5-2) ...
Setting up libalgorithm-diff-xs-perl (0.04-6build3) ...
Setting up libcc1-0:amd64 (12.1.0-2ubuntu1~22.04) ...
Setting up liblsan0:amd64 (12.1.0-2ubuntu1~22.04) ...
Setting up libitm1:amd64 (12.1.0-2ubuntu1~22.04) ...
Setting up libalgorithm-merge-perl (0.08-3) ...
Setting up libtsan0:amd64 (11.3.0-1ubuntu1~22.04) ...
Setting up libjpeg8:amd64 (8c-2ubuntu10) ...
Setting up automake (1:1.16.5-1.3) ...
update-alternatives: using /usr/bin/automake-1.16 to provide /usr/bin/automake (automake) in auto mode
Setting up libfile-stripnondeterminism-perl (1.13.0-1) ...
Setting up cpp-11 (11.3.0-1ubuntu1~22.04) ...
Setting up gettext (0.21-4ubuntu4) ...
Setting up fontconfig-config (2.13.1-4.2ubuntu5) ...
Setting up dpkg-dev (1.21.1ubuntu2.1) ...
Setting up intltool-debian (0.35.0+20060710.5) ...
Setting up libmail-sendmail-perl (0.80-1.1) ...
Setting up libltdl-dev:amd64 (2.4.6-15build2) ...
Setting up dh-strip-nondeterminism (1.13.0-1) ...
Setting up libgcc-11-dev:amd64 (11.3.0-1ubuntu1~22.04) ...
Setting up gcc-11 (11.3.0-1ubuntu1~22.04) ...
Setting up cpp (4:11.2.0-1ubuntu1) ...
Setting up libc6-dev:amd64 (2.35-0ubuntu3.1) ...
Setting up libtiff5:amd64 (4.3.0-6ubuntu0.2) ...
Setting up libfontconfig1:amd64 (2.13.1-4.2ubuntu5) ...
Setting up libtool (2.4.6-15build2) ...
Setting up po-debconf (1.0.21+nmu1) ...
Setting up gcc (4:11.2.0-1ubuntu1) ...
Setting up dh-autoreconf (20) ...
Setting up libgd3:amd64 (2.3.0-2ubuntu2) ...
Setting up libstdc++-11-dev:amd64 (11.3.0-1ubuntu1~22.04) ...
Setting up libc-devtools (2.35-0ubuntu3.1) ...
Setting up g++-11 (11.3.0-1ubuntu1~22.04) ...
Setting up debhelper (13.6ubuntu1) ...
Setting up g++ (4:11.2.0-1ubuntu1) ...
update-alternatives: using /usr/bin/g++ to provide /usr/bin/c++ (c++) in auto mode
Setting up build-essential (12.9ubuntu3) ...
Processing triggers for libc-bin (2.35-0ubuntu3.1) ...
Processing triggers for man-db (2.10.2-1) ...
Processing triggers for install-info (6.8-4build1) ...
Scanning processes...
Scanning linux images...

Running kernel seems to be up-to-date.

No services need to be restarted.

No containers need to be restarted.

No user sessions are running outdated binaries.

No VM guests are running outdated hypervisor (qemu) binaries on this host.
root@ubuntu2204:~# apt-get install gnupg apt-transport-https
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
gnupg is already the newest version (2.2.27-3ubuntu2.1).
The following NEW packages will be installed:
  apt-transport-https
0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded.
Need to get 1,506 B of archives.
After this operation, 169 kB of additional disk space will be used.
Do you want to continue? [Y/n] Y
Get:1 https://mirrors.edge.kernel.org/ubuntu jammy-updates/universe amd64 apt-transport-https all 2.4.8 [1,506 B]
Fetched 1,506 B in 0s (10.8 kB/s)
Selecting previously unselected package apt-transport-https.
(Reading database ... 82294 files and directories currently installed.)
Preparing to unpack .../apt-transport-https_2.4.8_all.deb ...
Unpacking apt-transport-https (2.4.8) ...
Setting up apt-transport-https (2.4.8) ...
Scanning processes...
Scanning linux images...

Running kernel seems to be up-to-date.

No services need to be restarted.

No containers need to be restarted.

No user sessions are running outdated binaries.

No VM guests are running outdated hypervisor (qemu) binaries on this host.
root@ubuntu2204:~# curl -s https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH | gpg --no-default-keyring --keyring gnupg-ring:/usr/share/keyrings/wazuh.gpg --import && chmod 644 /usr/share/keyrings/wazuh.gpg
gpg: keyring '/usr/share/keyrings/wazuh.gpg' created
gpg: directory '/root/.gnupg' created
gpg: /root/.gnupg/trustdb.gpg: trustdb created
gpg: key 96B3EE5F29111145: public key "Wazuh.com (Wazuh Signing Key) <support@wazuh.com>" imported
gpg: Total number processed: 1
gpg:               imported: 1
root@ubuntu2204:~# echo "deb [signed-by=/usr/share/keyrings/wazuh.gpg] https://packages-dev.wazuh.com/pre-release/apt/ unstable main" | tee -a /etc/apt/sources.list.d/wazuh.list
deb [signed-by=/usr/share/keyrings/wazuh.gpg] https://packages-dev.wazuh.com/pre-release/apt/ unstable main
root@ubuntu2204:~# apt-get update
Hit:1 https://mirrors.edge.kernel.org/ubuntu jammy InRelease
Get:2 https://mirrors.edge.kernel.org/ubuntu jammy-updates InRelease [114 kB]
Get:3 https://mirrors.edge.kernel.org/ubuntu jammy-backports InRelease [99.8 kB]
Get:4 https://mirrors.edge.kernel.org/ubuntu jammy-security InRelease [110 kB]
Get:5 https://mirrors.edge.kernel.org/ubuntu jammy-updates/main amd64 Packages [753 kB]
Get:6 https://mirrors.edge.kernel.org/ubuntu jammy-updates/main Translation-en [169 kB]
Get:7 https://mirrors.edge.kernel.org/ubuntu jammy-updates/main amd64 c-n-f Metadata [11.3 kB]
Get:8 https://mirrors.edge.kernel.org/ubuntu jammy-updates/restricted amd64 Packages [475 kB]
Get:9 https://mirrors.edge.kernel.org/ubuntu jammy-updates/restricted Translation-en [72.7 kB]
Get:10 https://mirrors.edge.kernel.org/ubuntu jammy-updates/universe amd64 Packages [761 kB]
Get:11 https://mirrors.edge.kernel.org/ubuntu jammy-updates/universe Translation-en [128 kB]
Get:12 https://mirrors.edge.kernel.org/ubuntu jammy-updates/universe amd64 c-n-f Metadata [14.0 kB]
Get:13 https://mirrors.edge.kernel.org/ubuntu jammy-updates/multiverse amd64 c-n-f Metadata [420 B]
Get:14 https://mirrors.edge.kernel.org/ubuntu jammy-backports/universe amd64 Packages [6,736 B]
Get:15 https://mirrors.edge.kernel.org/ubuntu jammy-backports/universe Translation-en [9,460 B]
Get:16 https://mirrors.edge.kernel.org/ubuntu jammy-backports/universe amd64 c-n-f Metadata [348 B]
Get:17 https://mirrors.edge.kernel.org/ubuntu jammy-security/main amd64 Packages [520 kB]
Get:18 https://mirrors.edge.kernel.org/ubuntu jammy-security/main Translation-en [112 kB]
Get:19 https://mirrors.edge.kernel.org/ubuntu jammy-security/main amd64 c-n-f Metadata [7,200 B]
Get:20 https://mirrors.edge.kernel.org/ubuntu jammy-security/restricted amd64 Packages [438 kB]
Get:21 https://mirrors.edge.kernel.org/ubuntu jammy-security/restricted Translation-en [67.3 kB]
Get:22 https://mirrors.edge.kernel.org/ubuntu jammy-security/restricted amd64 c-n-f Metadata [584 B]
Get:23 https://mirrors.edge.kernel.org/ubuntu jammy-security/universe amd64 Packages [622 kB]
Get:24 https://mirrors.edge.kernel.org/ubuntu jammy-security/universe Translation-en [81.5 kB]
Get:25 https://mirrors.edge.kernel.org/ubuntu jammy-security/universe amd64 c-n-f Metadata [11.0 kB]
Get:26 https://mirrors.edge.kernel.org/ubuntu jammy-security/multiverse amd64 c-n-f Metadata [228 B]
Get:27 https://packages-dev.wazuh.com/pre-release/apt unstable InRelease [17.3 kB]
Get:28 https://packages-dev.wazuh.com/pre-release/apt unstable/main amd64 Packages [26.6 kB]
Fetched 4,628 kB in 2s (2,645 kB/s)
Reading package lists... Done
root@ubuntu2204:~# apt-get -y install wazuh-dashboard
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following NEW packages will be installed:
  wazuh-dashboard
0 upgraded, 1 newly installed, 0 to remove and 25 not upgraded.
Need to get 156 MB of archives.
After this operation, 846 MB of additional disk space will be used.
Get:1 https://packages-dev.wazuh.com/pre-release/apt unstable/main amd64 wazuh-dashboard amd64 4.4.0-1 [156 MB]
Fetched 156 MB in 7s (20.9 MB/s)
Selecting previously unselected package wazuh-dashboard.
(Reading database ... 82298 files and directories currently installed.)
Preparing to unpack .../wazuh-dashboard_4.4.0-1_amd64.deb ...
Creating wazuh-dashboard group... OK
Creating wazuh-dashboard user... OK
Unpacking wazuh-dashboard (4.4.0-1) ...
Setting up wazuh-dashboard (4.4.0-1) ...
Scanning processes...
Scanning linux images...

Running kernel seems to be up-to-date.

No services need to be restarted.

No containers need to be restarted.

No user sessions are running outdated binaries.

No VM guests are running outdated hypervisor (qemu) binaries on this host.
Configuring the wazuh dashboard, deploying certificates, starting the wazuh dashboard service 🟢 
root@ubuntu2204:~# vim /etc/wazuh-dashboard/opensearch_dashboards.yml
root@ubuntu2204:~# cat /etc/wazuh-dashboard/opensearch_dashboards.yml
server.host: 0.0.0.0
server.port: 443
opensearch.hosts: https://172.21.231.190:9200
opensearch.ssl.verificationMode: certificate
#opensearch.username:
#opensearch.password:
opensearch.requestHeadersWhitelist: ["securitytenant","Authorization"]
opensearch_security.multitenancy.enabled: false
opensearch_security.readonly_mode.roles: ["kibana_read_only"]
server.ssl.enabled: true
server.ssl.key: "/etc/wazuh-dashboard/certs/dashboard-key.pem"
server.ssl.certificate: "/etc/wazuh-dashboard/certs/dashboard.pem"
opensearch.ssl.certificateAuthorities: ["/etc/wazuh-dashboard/certs/root-ca.pem"]
uiSettings.overrides.defaultRoute: /app/wazuh

root@ubuntu2204:~# ls
snap  truncate  wazuh-certificates.tar
root@ubuntu2204:~# NODE_NAME=dashboard
root@ubuntu2204:~# mkdir /etc/wazuh-dashboard/certs
root@ubuntu2204:~# tar -xf ./wazuh-certificates.tar -C /etc/wazuh-dashboard/certs/ ./$NODE_NAME.pem ./$NODE_NAME-key.pem ./root-ca.pem
root@ubuntu2204:~# mv -n /etc/wazuh-dashboard/certs/$NODE_NAME.pem /etc/wazuh-dashboard/certs/dashboard.pem
root@ubuntu2204:~# mv -n /etc/wazuh-dashboard/certs/$NODE_NAME-key.pem /etc/wazuh-dashboard/certs/dashboard-key.pem
root@ubuntu2204:~# chmod 500 /etc/wazuh-dashboard/certs
root@ubuntu2204:~# chmod 400 /etc/wazuh-dashboard/certs/*
root@ubuntu2204:~# chown -R wazuh-dashboard:wazuh-dashboard /etc/wazuh-dashboard/certs
root@ubuntu2204:~# systemctl daemon-reload
root@ubuntu2204:~# systemctl enable wazuh-dashboard
Created symlink /etc/systemd/system/multi-user.target.wants/wazuh-dashboard.service → /etc/systemd/system/wazuh-dashboard.service.
root@ubuntu2204:~# systemctl start wazuh-dashboard
root@ubuntu2204:~# vi /usr/share/wazuh-dashboard/data/wazuh/config/wazuh.yml

@gdiazlo
Copy link
Member Author

gdiazlo commented Dec 1, 2022
edited
Loading

Accessing dashboard 🔴

Issues have already been reported about the cluster mode. Got this API response when requesting:

Headers:

POST /api/request HTTP/1.1
Content-Type: application/json
Accept: application/json, text/plain, */*
Accept-Encoding: gzip, deflate, br
Accept-Language: es-ES,es;q=0.9
Host: 172.21.238.162
Origin: https://172.21.238.162
User-Agent: Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/16.1 Safari/605.1.15
Connection: keep-alive
Referer: https://172.21.238.162/app/wazuh
Content-Length: 65
Cookie: security_authentication=....
osd-xsrf: kibana

Payload:

{"method":"GET","path":"/cluster/nodes","body":{},"id":"default"}

Response:

{
    "statusCode": 500,
    "error": "Internal Server Error",
    "message": "3013 - Cluster is not running, it might be disabled in `WAZUH_HOME/etc/ossec.conf`"
}
Installing the agent using WU 🔴

This might be related to the cluster API error already reported. There is no IP for the manager reported:

The URL for the fedora package is incorrect. It has an invalid package name:
image

The agent installed after fixing the URL, but the start command gave me an error message:

[vagrant@fedora37 ~]$ sudo systemctl daemon-reload
sudo systemctl enable wazuh-agent
sudo systemctl start wazuh-agent
Synchronizing state of wazuh-agent.service with SysV service script with /usr/lib/systemd/systemd-sysv-install.
Executing: /usr/lib/systemd/systemd-sysv-install enable wazuh-agent
**Failed to execute /usr/lib/systemd/systemd-sysv-install: No such file or directory**

The agent seems started though:

[vagrant@fedora37 ~]$ systemctl status wazuh-agent
● wazuh-agent.service - Wazuh agent
     Loaded: loaded (/usr/lib/systemd/system/wazuh-agent.service; disabled; preset: disabled)
     Active: active (running) since Thu 2022-12-01 23:12:31 UTC; 3min 49s ago
    Process: 3373 ExecStart=/usr/bin/env /var/ossec/bin/wazuh-control start (code=exited, status=0/SUCCESS)
      Tasks: 30 (limit: 9495)
     Memory: 15.5M
        CPU: 361ms
     CGroup: /system.slice/wazuh-agent.service
             ├─3400 /var/ossec/bin/wazuh-execd
             ├─3409 /var/ossec/bin/wazuh-agentd
             ├─3423 /var/ossec/bin/wazuh-syscheckd
             ├─3436 /var/ossec/bin/wazuh-logcollector
             └─3454 /var/ossec/bin/wazuh-modulesd

The agent registered:

image

The OS version is not detected, and a dash appears in its place, which was already reported in wazuh/wazuh-dashboard-plugins#4809

@gdiazlo
Copy link
Member Author

gdiazlo commented Dec 2, 2022
edited
Loading

Configure Slack integration 🟢 
<integration>
    <name>slack</name>
    <hook_url>https://hooks.slack.com/services/TMYFNF.....</hook_url> <!-- Replace with your Slack Webhook -->
    <level>10</level>
    <alert_format>json</alert_format>
</integration>
image
Configure PagerDuty integration 🟡 
<integration>
  <name>pagerduty</name>
  <api_key>e........Wuog</api_key> <!-- Replace with your PagerDuty API key -->
  <level>10</level>
</integration>

This is affected by the issue:
#4264

image image image
Configure shuffler integration 🔴

No documentation on how to integrate shuffler besides a closed issue #15034
but there is no correspondent documentation issue to create the relevant section in documentation.wazuh.com

image image
Debug for integratord - manual integration not working 🟡

I've created a manual integration to debug why pagerduty is not working. I added the following configuration:

<integration>
  <name>pagerdutymanual</name>
  <hook_url>https://events.eu.pagerduty.com/generic/2010-04-15/create_event.json</hook_url> <!-- Required for Slack -->
  <api_key>5854..........7e4f</api_key> <!-- Required for PagerDuty and VirusTotal -->

  <!-- Optional filters -->
  <level>10</level>
</integration>

But In the logs I only see the other three integrations, not this one:

2022/12/02 13:51:58 wazuh-integratord[52933] integrator.c:142 at OS_IntegratorD(): DEBUG: sending new alert.
2022/12/02 13:52:02 rootcheck: INFO: Ending rootcheck scan.
2022/12/02 13:52:09 wazuh-integratord[52933] integrator.c:142 at OS_IntegratorD(): DEBUG: sending new alert.
2022/12/02 13:52:09 wazuh-integratord[52933] integrator.c:403 at OS_IntegratorD(): DEBUG: Running: integrations /tmp/slack-1669989129-891124774.alert  https://hooks.slack.com/services/TMYFNFl........CUut debug
2022/12/02 13:52:09 wazuh-integratord[52933] integrator.c:425 at OS_IntegratorD(): DEBUG: Command ran successfully.
2022/12/02 13:52:09 wazuh-integratord[52933] integrator.c:403 at OS_IntegratorD(): DEBUG: Running: integrations /tmp/slack-1669989129-891124774.alert e..........uog  debug
2022/12/02 13:52:09 wazuh-integratord[52933] integrator.c:425 at OS_IntegratorD(): DEBUG: Command ran successfully.
2022/12/02 13:52:09 wazuh-integratord[52933] integrator.c:403 at OS_IntegratorD(): DEBUG: Running: integrations /tmp/slack-1669989129-891124774.alert  https://shuffler.io/api/v1/hooks/web..........2ad debug
2022/12/02 13:52:10 wazuh-integratord[52933] integrator.c:425 at OS_IntegratorD(): DEBUG: Command ran successfully.

This is related to the issue:
#4264
which is solved in 4.5.

@gdiazlo gdiazlo moved this to Triage in Release 4.4.0 Dec 2, 2022
@gdiazlo gdiazlo moved this from Triage to In Progress in Release 4.4.0 Dec 2, 2022
@gdiazlo gdiazlo self-assigned this Dec 2, 2022
@gdiazlo gdiazlo moved this from In Progress to In Review in Release 4.4.0 Dec 2, 2022
@gdiazlo gdiazlo added release test/4.4.0 Issues related to testing for v4.4.0 type/test/manual team/frontend labels Dec 2, 2022
@chemamartinez
Copy link
Contributor

Regarding the missing documentation for the Shuffle integration that is reported here, it was actually included at wazuh/wazuh-documentation#5654.

It can be also found at https://documentation-dev.wazuh.com/v4.4.0-alpha1/user-manual/manager/manual-integration.html, so we can consider that 🔴 a false positive.

Once clarified this point, we approved this issue since every finding has been reported and tracked.

Repository owner moved this from In Review to Done in Release 4.4.0 Dec 12, 2022
@mjcr99 mjcr99 mentioned this issue Dec 29, 2022
Closed
3 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@gdiazlo gdiazlo

Labels
release test/4.4.0 Issues related to testing for v4.4.0 type/test/manual
Projects
No open projects
Release 4.4.0
Status: Done
Milestone
No milestone
Development

No branches or pull requests
3 participants
@gdiazlo @chemamartinez @davidjiglesias