Test 4.9.0-2 packages #299
Assignees
Labels
Comments
Upgrade test 🟢Operating system: CentOS 8 Install/Upgrade process[root@localhost vagrant]# bash wazuh-install.sh -u
06/09/2024 16:20:31 INFO: Starting Wazuh installation assistant. Wazuh version: 4.7.5
06/09/2024 16:20:31 INFO: Verbose logging redirected to /var/log/wazuh-install.log
06/09/2024 16:20:32 INFO: Removing Wazuh manager.
06/09/2024 16:20:46 INFO: Wazuh manager removed.
06/09/2024 16:20:46 INFO: Removing Wazuh indexer.
06/09/2024 16:20:47 INFO: Wazuh indexer removed.
06/09/2024 16:20:47 INFO: Removing Filebeat.
06/09/2024 16:20:47 INFO: Filebeat removed.
06/09/2024 16:20:47 INFO: Removing Wazuh dashboard.
06/09/2024 16:20:52 INFO: Wazuh dashboard removed.
[root@localhost vagrant]# bash wazuh-install.sh -a
06/09/2024 16:21:21 INFO: Starting Wazuh installation assistant. Wazuh version: 4.7.5
06/09/2024 16:21:21 INFO: Verbose logging redirected to /var/log/wazuh-install.log
06/09/2024 16:21:24 INFO: --- Dependencies ---
06/09/2024 16:21:24 INFO: Installing lsof.
06/09/2024 16:21:26 INFO: Wazuh web interface port will be 443.
06/09/2024 16:21:28 INFO: Wazuh repository added.
06/09/2024 16:21:28 INFO: --- Configuration files ---
06/09/2024 16:21:28 INFO: Generating configuration files.
06/09/2024 16:21:28 INFO: Created wazuh-install-files.tar. It contains the Wazuh cluster key, certificates, and passwords necessary for installation.
06/09/2024 16:21:28 INFO: --- Wazuh indexer ---
06/09/2024 16:21:28 INFO: Starting Wazuh indexer installation.
06/09/2024 16:22:31 INFO: Wazuh indexer installation finished.
06/09/2024 16:22:31 INFO: Wazuh indexer post-install configuration finished.
06/09/2024 16:22:31 INFO: Starting service wazuh-indexer.
06/09/2024 16:22:36 INFO: wazuh-indexer service started.
06/09/2024 16:22:36 INFO: Initializing Wazuh indexer cluster security settings.
06/09/2024 16:22:47 INFO: Wazuh indexer cluster initialized.
06/09/2024 16:22:47 INFO: --- Wazuh server ---
06/09/2024 16:22:47 INFO: Starting the Wazuh manager installation.
06/09/2024 16:23:26 INFO: Wazuh manager installation finished.
06/09/2024 16:23:26 INFO: Starting service wazuh-manager.
06/09/2024 16:23:35 INFO: wazuh-manager service started.
06/09/2024 16:23:35 INFO: Starting Filebeat installation.
06/09/2024 16:23:37 INFO: Filebeat installation finished.
06/09/2024 16:23:38 INFO: Filebeat post-install configuration finished.
06/09/2024 16:23:38 INFO: Starting service filebeat.
06/09/2024 16:23:38 INFO: filebeat service started.
06/09/2024 16:23:38 INFO: --- Wazuh dashboard ---
06/09/2024 16:23:38 INFO: Starting Wazuh dashboard installation.
06/09/2024 16:24:20 INFO: Wazuh dashboard installation finished.
06/09/2024 16:24:20 INFO: Wazuh dashboard post-install configuration finished.
06/09/2024 16:24:20 INFO: Starting service wazuh-dashboard.
06/09/2024 16:24:20 INFO: wazuh-dashboard service started.
06/09/2024 16:24:34 INFO: Initializing Wazuh dashboard web application.
06/09/2024 16:24:36 INFO: Wazuh dashboard web application initialized.
06/09/2024 16:24:36 INFO: --- Summary ---
06/09/2024 16:24:36 INFO: You can access the web interface https://<wazuh-dashboard-ip>:443
User: admin
Password: VS0vy2og7A?nERxDFiwfdvkL.*h8q9q2
06/09/2024 16:24:36 INFO: --- Dependencies ---
06/09/2024 16:24:36 INFO: Removing lsof.
06/09/2024 16:24:36 INFO: Installation finished.
[root@localhost vagrant]# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 08:00:27:f1:ca:e4 brd ff:ff:ff:ff:ff:ff
inet 10.0.2.15/24 brd 10.0.2.255 scope global dynamic noprefixroute eth0
valid_lft 73250sec preferred_lft 73250sec
inet6 fe80::4110:eb48:57c6:2836/64 scope link noprefixroute
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 08:00:27:70:02:c3 brd ff:ff:ff:ff:ff:ff
inet 192.168.0.160/24 brd 192.168.0.255 scope global dynamic noprefixroute eth1
valid_lft 3518sec preferred_lft 3518sec
inet6 fe80::a00:27ff:fe70:2c3/64 scope link
valid_lft forever preferred_lft forever
[root@localhost vagrant]# systemctl stop filebeat
[root@localhost vagrant]# systemctl stop wazuh-dashboard
[root@localhost vagrant]# systemctl stop wazuh-indexer
[root@localhost vagrant]# yum upgrade wazuh-indexer
Failed to set locale, defaulting to C.UTF-8
Last metadata expiration check: 0:05:34 ago on Fri Sep 6 16:21:28 2024.
Dependencies resolved.
===========================================================================================
Package Architecture Version Repository Size
===========================================================================================
Upgrading:
wazuh-indexer x86_64 4.8.2-1 wazuh 743 M
Transaction Summary
===========================================================================================
Upgrade 1 Package
Total download size: 743 M
Is this ok [y/N]: n
Operation aborted.
[root@localhost vagrant]# echo -e '[wazuh]\ngpgcheck=1\ngpgkey=https://packages.wazuh.com/key/GPG-KEY-WAZUH\nenabled=1\nname=EL-$releasever - Wazuh\nbaseurl=https://packages.wazuh.com/pre-release/yum/\nprotect=1' | tee /etc/yum.repos.d/wazuh.repo
[wazuh]
gpgcheck=1
gpgkey=https://packages.wazuh.com/key/GPG-KEY-WAZUH
enabled=1
name=EL-$releasever - Wazuh
baseurl=https://packages.wazuh.com/pre-release/yum/
protect=1
[root@localhost vagrant]# yum upgrade wazuh-indexer
Failed to set locale, defaulting to C.UTF-8
EL-8 - Wazuh 196 B/s | 306 B 00:01
Errors during downloading metadata for repository 'wazuh':
- Status code: 404 for https://packages.wazuh.com/pre-release/yum/repodata/repomd.xml (IP: 3.160.107.82)
Error: Failed to download metadata for repo 'wazuh': Cannot download repomd.xml: Cannot download repodata/repomd.xml: All mirrors were tried
[root@localhost vagrant]# echo -e '[wazuh]\ngpgcheck=1\ngpgkey=https://packages.wazuh.com/key/GPG-KEY-WAZUH\nenabled=1\nname=EL-$releasever - Wazuh\nbaseurl=https://packages-dev.wazuh.com/pre-release/yum/\nprotect=1' | tee /etc/yum.repos.d/wazuh.repo
[wazuh]
gpgcheck=1
gpgkey=https://packages.wazuh.com/key/GPG-KEY-WAZUH
enabled=1
name=EL-$releasever - Wazuh
baseurl=https://packages-dev.wazuh.com/pre-release/yum/
protect=1
[root@localhost vagrant]# yum upgrade wazuh-indexer
Failed to set locale, defaulting to C.UTF-8
EL-8 - Wazuh 2.7 kB/s | 3.5 kB 00:01
EL-8 - Wazuh 6.9 MB/s | 29 MB 00:04
Last metadata expiration check: 0:00:07 ago on Fri Sep 6 16:27:42 2024.
Dependencies resolved.
===========================================================================================
Package Architecture Version Repository Size
===========================================================================================
Upgrading:
wazuh-indexer x86_64 4.9.0-1 wazuh 813 M
Transaction Summary
===========================================================================================
Upgrade 1 Package
Total download size: 813 M
Is this ok [y/N]: y
Downloading Packages:
wazuh-indexer-4.9.0-1.x86_64.rpm 16 MB/s | 813 MB 00:50
-------------------------------------------------------------------------------------------
Total 16 MB/s | 813 MB 00:50
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Running scriptlet: wazuh-indexer-4.9.0-1.x86_64 1/1
Running scriptlet: wazuh-indexer-4.9.0-1.x86_64 1/2
Upgrading : wazuh-indexer-4.9.0-1.x86_64 1/2
warning: /etc/wazuh-indexer/jvm.options created as /etc/wazuh-indexer/jvm.options.rpmnew
warning: /etc/wazuh-indexer/opensearch-security/internal_users.yml saved as /etc/wazuh-indexer/opensearch-security/internal_users.yml.rpmsave
Running scriptlet: wazuh-indexer-4.9.0-1.x86_64 1/2
### NOT starting on installation, please execute the following statements to configure wazuh-indexer service to start automatically using systemd
sudo systemctl daemon-reload
sudo systemctl enable wazuh-indexer.service
### You can start wazuh-indexer service by executing
sudo systemctl start wazuh-indexer.service
Running scriptlet: wazuh-indexer-4.7.5-1.x86_64 2/2
Cleanup : wazuh-indexer-4.7.5-1.x86_64 2/2
Running scriptlet: wazuh-indexer-4.7.5-1.x86_64 2/2
Verifying : wazuh-indexer-4.9.0-1.x86_64 1/2
Verifying : wazuh-indexer-4.7.5-1.x86_64 2/2
Upgraded:
wazuh-indexer-4.9.0-1.x86_64
Complete!
[root@localhost vagrant]# systemctl daemon-reload
[root@localhost vagrant]# systemctl enable wazuh-indexer
Synchronizing state of wazuh-indexer.service with SysV service script with /usr/lib/systemd/systemd-sysv-install.
Executing: /usr/lib/systemd/systemd-sysv-install enable wazuh-indexer
[root@localhost vagrant]# systemctl start wazuh-indexer
[root@localhost vagrant]# curl -k -u 'admin:VS0vy2og7A?nERxDFiwfdvkL.*h8q9q2' https://127.0.0.1:9200/_cat/nodes?v
ip heap.percent ram.percent cpu load_1m load_5m load_15m node.role node.roles cluster_manager name
127.0.0.1 12 98 2 0.69 0.46 0.26 dimr cluster_manager,data,ingest,remote_cluster_client * node-1
[root@localhost vagrant]# yum upgrade wazuh-manager
Failed to set locale, defaulting to C.UTF-8
Last metadata expiration check: 0:01:56 ago on Fri Sep 6 16:27:42 2024.
Dependencies resolved.
===========================================================================================
Package Architecture Version Repository Size
===========================================================================================
Upgrading:
wazuh-manager x86_64 4.9.0-1 wazuh 303 M
Transaction Summary
===========================================================================================
Upgrade 1 Package
Total download size: 303 M
Is this ok [y/N]: y
Downloading Packages:
wazuh-manager-4.9.0-1.x86_64.rpm 15 MB/s | 303 MB 00:20
-------------------------------------------------------------------------------------------
Total 15 MB/s | 303 MB 00:20
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Running scriptlet: wazuh-manager-4.9.0-1.x86_64 1/1
Running scriptlet: wazuh-manager-4.9.0-1.x86_64 1/2
Upgrading : wazuh-manager-4.9.0-1.x86_64 1/2
warning: /var/ossec/etc/ossec.conf created as /var/ossec/etc/ossec.conf.rpmnew
Running scriptlet: wazuh-manager-4.9.0-1.x86_64 1/2
Running scriptlet: wazuh-manager-4.7.5-1.x86_64 2/2
Cleanup : wazuh-manager-4.7.5-1.x86_64 2/2
Running scriptlet: wazuh-manager-4.7.5-1.x86_64 2/2
Running scriptlet: wazuh-manager-4.9.0-1.x86_64 2/2
Running scriptlet: wazuh-manager-4.7.5-1.x86_64 2/2
Verifying : wazuh-manager-4.9.0-1.x86_64 1/2
Verifying : wazuh-manager-4.7.5-1.x86_64 2/2
Upgraded:
wazuh-manager-4.9.0-1.x86_64
Complete!
[root@localhost vagrant]# /var/ossec/bin/wazuh-keystore -f indexer -k username -v admin
[root@localhost vagrant]# /var/ossec/bin/wazuh-keystore -f indexer -k password -v VS0vy2og7A?nERxDFiwfdvkL.*h8q9q2
[root@localhost vagrant]# curl -s https://packages-dev.wazuh.com/pre-release/filebeat/wazuh-filebeat-0.4.tar.gz | sudo tar -xvz -C /usr/share/filebeat/module
wazuh/
wazuh/_meta/
wazuh/_meta/docs.asciidoc
wazuh/_meta/fields.yml
wazuh/_meta/config.yml
wazuh/alerts/
wazuh/alerts/config/
wazuh/alerts/config/alerts.yml
wazuh/alerts/manifest.yml
wazuh/alerts/ingest/
wazuh/alerts/ingest/pipeline.json
wazuh/module.yml
wazuh/archives/
wazuh/archives/config/
wazuh/archives/config/archives.yml
wazuh/archives/manifest.yml
wazuh/archives/ingest/
wazuh/archives/ingest/pipeline.json
[root@localhost vagrant]# curl -so /etc/filebeat/wazuh-template.json https://raw.githubusercontent.com/wazuh/wazuh/v4.9.0/extensions/elasticsearch/7.x/wazuh-template.json
[root@localhost vagrant]# chmod go+r /etc/filebeat/wazuh-template.json
[root@localhost vagrant]# systemctl daemon-reload
[root@localhost vagrant]# systemctl enable filebeat
Synchronizing state of filebeat.service with SysV service script with /usr/lib/systemd/systemd-sysv-install.
Executing: /usr/lib/systemd/systemd-sysv-install enable filebeat
[root@localhost vagrant]# systemctl start filebeat
[root@localhost vagrant]# filebeat setup --pipelines
Loaded Ingest pipelines
[root@localhost vagrant]# filebeat setup --index-management -E output.logstash.enabled=false
ILM policy and write alias loading not enabled.
Index setup finished.
[root@localhost vagrant]# rm /etc/wazuh-dashboard/opensearch_dashboards.yml
rm: remove regular file '/etc/wazuh-dashboard/opensearch_dashboards.yml'? y
[root@localhost vagrant]# yum upgrade wazuh-dashboard
Failed to set locale, defaulting to C.UTF-8
Last metadata expiration check: 0:04:58 ago on Fri Sep 6 16:27:42 2024.
Dependencies resolved.
===========================================================================================
Package Architecture Version Repository Size
===========================================================================================
Upgrading:
wazuh-dashboard x86_64 4.9.0-2 wazuh 253 M
Transaction Summary
===========================================================================================
Upgrade 1 Package
Total download size: 253 M
Is this ok [y/N]: y
Downloading Packages:
wazuh-dashboard-4.9.0-2.x86_64.rpm 15 MB/s | 253 MB 00:16
-------------------------------------------------------------------------------------------
Total 15 MB/s | 253 MB 00:16
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Running scriptlet: wazuh-dashboard-4.9.0-2.x86_64 1/1
Running scriptlet: wazuh-dashboard-4.9.0-2.x86_64 1/2
Upgrading : wazuh-dashboard-4.9.0-2.x86_64 1/2
Running scriptlet: wazuh-dashboard-4.9.0-2.x86_64 1/2
Running scriptlet: wazuh-dashboard-4.7.5-1.x86_64 2/2
Cleanup : wazuh-dashboard-4.7.5-1.x86_64 2/2
Running scriptlet: wazuh-dashboard-4.7.5-1.x86_64 2/2
Running scriptlet: wazuh-dashboard-4.9.0-2.x86_64 2/2
Running scriptlet: wazuh-dashboard-4.7.5-1.x86_64 2/2
Verifying : wazuh-dashboard-4.9.0-2.x86_64 1/2
Verifying : wazuh-dashboard-4.7.5-1.x86_64 2/2
Upgraded:
wazuh-dashboard-4.9.0-2.x86_64
Complete!
[root@localhost vagrant]# systemctl daemon-reload
[root@localhost vagrant]# systemctl enable wazuh-dashboard
[root@localhost vagrant]# systemctl start wazuh-dashboard
Verify files[root@localhost vagrant]# cat /etc/default/wazuh-dashboard
user="wazuh-dashboard"
group="wazuh-dashboard"
chroot="/"
chdir="/"
nice=""
KILL_ON_STOP_TIMEOUT=0
OSD_PATH_CONF="/etc/wazuh-dashboard"
[root@localhost vagrant]# cat /usr/share/wazuh-dashboard/bin/opensearch-dashboards
#!/bin/sh
#
# SPDX-License-Identifier: Apache-2.0
#
# The OpenSearch Contributors require contributions made to
# this file be licensed under the Apache-2.0 license or a
# compatible open source license.
#
# Any modifications Copyright OpenSearch Contributors. See
# GitHub history for details.
#
SCRIPT="$0"
# SCRIPT may be an arbitrarily deep series of symlinks. Loop until we have the concrete path.
while [ -h "$SCRIPT" ] ; do
loc=$(ls -ld "$SCRIPT")
# Drop everything prior to ->
link=$(expr "$loc" : '.*-> \(.*\)$')
if expr "$link" : '/.*' > /dev/null; then
SCRIPT="$link"
else
SCRIPT=$(dirname "$SCRIPT")/"$link"
fi
done
# Get an absolute path for OSD_HOME
OSD_HOME="$(cd "$(dirname "${SCRIPT}")/.."; pwd)"
OSD_PATH_CONF="/etc/wazuh-dashboard" OSD_NODE_OPTS_PREFIX="--no-warnings --max-http-header-size=65536" OSD_USE_NODE_JS_FILE_PATH=/src/cli/dist NODE_ENV=production exec ${OSD_HOME}/bin/use_node "${@}"
[root@localhost vagrant]# ls -l /etc/wazuh-dashboard/
total 12
dr-x------. 2 wazuh-dashboard wazuh-dashboard 83 Sep 6 16:24 certs
-rw-r-----. 1 wazuh-dashboard wazuh-dashboard 312 Sep 6 14:33 node.options
-rw-r-----. 1 wazuh-dashboard wazuh-dashboard 254 Sep 6 16:24 opensearch_dashboards.keystore
-rw-r-----. 1 wazuh-dashboard wazuh-dashboard 642 Sep 6 14:33 opensearch_dashboards.yml
[root@localhost vagrant]# ls -l /usr/share/wazuh-dashboard/config/
total 8
-rw-r-----. 1 wazuh-dashboard wazuh-dashboard 312 Sep 6 14:30 node.options
-rw-r-----. 1 wazuh-dashboard wazuh-dashboard 642 Sep 6 14:30 opensearch_dashboards.yml
|
Upgrade testOperating system: RHEL 9 Install/upgrade cycle terminal output
|
Upgrade testOperating system: RHEL 9 Install/upgrade cycle terminal output
|
Initial deploymentVagrant Ubuntu 20.04 Quickstart logsUpgrade to 4.9.0UI validation (plus some new alerts generated)
|
Upgrade test 🟢Operating system: Ubuntu 22.04 Install/Upgrade processroot@vagrant:/home/vagrant# bash wazuh-install.sh -u
06/09/2024 16:41:14 INFO: Starting Wazuh installation assistant. Wazuh version: 4.8.2
06/09/2024 16:41:14 INFO: Verbose logging redirected to /var/log/wazuh-install.log
06/09/2024 16:41:15 INFO: Removing Wazuh manager.
06/09/2024 16:41:28 INFO: Wazuh manager removed.
06/09/2024 16:41:28 INFO: Removing Wazuh indexer.
06/09/2024 16:41:29 INFO: Wazuh indexer removed.
06/09/2024 16:41:29 INFO: Removing Filebeat.
06/09/2024 16:41:30 INFO: Filebeat removed.
06/09/2024 16:41:30 INFO: Removing Wazuh dashboard.
06/09/2024 16:41:35 INFO: Wazuh dashboard removed.
root@vagrant:/home/vagrant# bash wazuh-install.sh -a
06/09/2024 16:41:46 INFO: Starting Wazuh installation assistant. Wazuh version: 4.8.2
06/09/2024 16:41:46 INFO: Verbose logging redirected to /var/log/wazuh-install.log
06/09/2024 16:41:46 INFO: Verifying that your system meets the recommended minimum hardware requirements.
06/09/2024 16:41:51 INFO: Wazuh web interface port will be 443.
06/09/2024 16:41:55 INFO: Wazuh repository added.
06/09/2024 16:41:55 INFO: --- Configuration files ---
06/09/2024 16:41:55 INFO: Generating configuration files.
06/09/2024 16:41:55 INFO: Generating the root certificate.
06/09/2024 16:41:55 INFO: Generating Admin certificates.
06/09/2024 16:41:55 INFO: Generating Wazuh indexer certificates.
06/09/2024 16:41:56 INFO: Generating Filebeat certificates.
06/09/2024 16:41:56 INFO: Generating Wazuh dashboard certificates.
06/09/2024 16:41:56 INFO: Created wazuh-install-files.tar. It contains the Wazuh cluster key, certificates, and passwords necessary for installation.
06/09/2024 16:41:56 INFO: --- Wazuh indexer ---
06/09/2024 16:41:56 INFO: Starting Wazuh indexer installation.
06/09/2024 16:42:29 INFO: Wazuh indexer installation finished.
06/09/2024 16:42:29 INFO: Wazuh indexer post-install configuration finished.
06/09/2024 16:42:29 INFO: Starting service wazuh-indexer.
06/09/2024 16:42:35 INFO: wazuh-indexer service started.
06/09/2024 16:42:35 INFO: Initializing Wazuh indexer cluster security settings.
06/09/2024 16:42:47 INFO: Wazuh indexer cluster security configuration initialized.
06/09/2024 16:42:47 INFO: Wazuh indexer cluster initialized.
06/09/2024 16:42:47 INFO: --- Wazuh server ---
06/09/2024 16:42:47 INFO: Starting the Wazuh manager installation.
06/09/2024 16:43:25 INFO: Wazuh manager installation finished.
06/09/2024 16:43:25 INFO: Wazuh manager vulnerability detection configuration finished.
06/09/2024 16:43:25 INFO: Starting service wazuh-manager.
06/09/2024 16:43:39 INFO: wazuh-manager service started.
06/09/2024 16:43:39 INFO: Starting Filebeat installation.
06/09/2024 16:43:47 INFO: Filebeat installation finished.
06/09/2024 16:43:48 INFO: Filebeat post-install configuration finished.
06/09/2024 16:43:48 INFO: Starting service filebeat.
06/09/2024 16:43:49 INFO: filebeat service started.
06/09/2024 16:43:49 INFO: --- Wazuh dashboard ---
06/09/2024 16:43:49 INFO: Starting Wazuh dashboard installation.
06/09/2024 16:45:36 INFO: Wazuh dashboard installation finished.
06/09/2024 16:45:36 INFO: Wazuh dashboard post-install configuration finished.
06/09/2024 16:45:36 INFO: Starting service wazuh-dashboard.
06/09/2024 16:45:37 INFO: wazuh-dashboard service started.
06/09/2024 16:45:37 INFO: Updating the internal users.
06/09/2024 16:45:39 INFO: A backup of the internal users has been saved in the /etc/wazuh-indexer/internalusers-backup folder.
06/09/2024 16:46:13 INFO: Initializing Wazuh dashboard web application.
06/09/2024 16:46:14 INFO: Wazuh dashboard web application initialized.
06/09/2024 16:46:14 INFO: --- Summary ---
06/09/2024 16:46:14 INFO: You can access the web interface https://<wazuh-dashboard-ip>:443
User: admin
Password: pu+MkkRPr76q3aCr?3CX7H2+5jXOSOy+
06/09/2024 16:46:14 INFO: Installation finished.
root@vagrant:/home/vagrant# ^C
root@vagrant:/home/vagrant# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: eth0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 08:00:27:06:e8:56 brd ff:ff:ff:ff:ff:ff
altname enp0s3
inet 10.0.2.15/24 metric 100 brd 10.0.2.255 scope global dynamic eth0
valid_lft 66321sec preferred_lft 66321sec
inet6 fe80::a00:27ff:fe06:e856/64 scope link
valid_lft forever preferred_lft forever
3: eth1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 08:00:27:0a:7f:75 brd ff:ff:ff:ff:ff:ff
altname enp0s8
inet 192.168.0.142/24 metric 100 brd 192.168.0.255 scope global dynamic eth1
valid_lft 3331sec preferred_lft 3331sec
inet6 fe80::a00:27ff:fe0a:7f75/64 scope link
valid_lft forever preferred_lft forever
root@vagrant:/home/vagrant# echo "deb [signed-by=/usr/share/keyrings/wazuh.gpg] https://packages-dev.wazuh.com/pre-release/apt/ unstable main" | tee -a /etc/apt/sources.list.d/wazuh.list
deb [signed-by=/usr/share/keyrings/wazuh.gpg] https://packages-dev.wazuh.com/pre-release/apt/ unstable main
root@vagrant:/home/vagrant# apt-get update
Hit:1 https://packages.wazuh.com/4.x/apt stable InRelease
Hit:2 http://security.ubuntu.com/ubuntu jammy-security InRelease
Hit:3 http://us.archive.ubuntu.com/ubuntu jammy InRelease
Get:4 http://us.archive.ubuntu.com/ubuntu jammy-updates InRelease [128 kB]
Get:5 https://packages-dev.wazuh.com/pre-release/apt unstable InRelease [17.3 kB]
Hit:6 http://us.archive.ubuntu.com/ubuntu jammy-backports InRelease
Get:7 http://us.archive.ubuntu.com/ubuntu jammy-updates/main amd64 Packages [1,988 kB]
Get:8 https://packages-dev.wazuh.com/pre-release/apt unstable/main amd64 Packages [40.5 kB]
Fetched 2,174 kB in 3s (780 kB/s)
Reading package lists... Done
root@vagrant:/home/vagrant# systemctl stop filebeat
systemctl stop wazuh-dashboard
root@vagrant:/home/vagrant# systemctl stop wazuh-indexer
root@vagrant:/home/vagrant# apt-get install wazuh-indexer
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following packages will be upgraded:
wazuh-indexer
1 upgraded, 0 newly installed, 0 to remove and 86 not upgraded.
Need to get 0 B/850 MB of archives.
After this operation, 26.6 MB of additional disk space will be used.
(Reading database ... 159323 files and directories currently installed.)
Preparing to unpack .../wazuh-indexer_4.9.0-1_amd64.deb ...
Running Wazuh Indexer Pre-Installation Script
Unpacking wazuh-indexer (4.9.0-1) over (4.8.2-1) ...
Setting up wazuh-indexer (4.9.0-1) ...
Installing new version of config file /etc/default/wazuh-indexer ...
Configuration file '/etc/init.d/wazuh-indexer'
==> Deleted (by you or by a script) since installation.
==> Package distributor has shipped an updated version.
What would you like to do about it ? Your options are:
Y or I : install the package maintainer's version
N or O : keep your currently-installed version
D : show the differences between the versions
Z : start a shell to examine the situation
The default action is to keep your current version.
*** wazuh-indexer (Y/I/N/O/D/Z) [default=N] ? Y
Installing new version of config file /etc/init.d/wazuh-indexer ...
Configuration file '/etc/wazuh-indexer/jvm.options'
==> Modified (by you or by a script) since installation.
==> Package distributor has shipped an updated version.
What would you like to do about it ? Your options are:
Y or I : install the package maintainer's version
N or O : keep your currently-installed version
D : show the differences between the versions
Z : start a shell to examine the situation
The default action is to keep your current version.
*** jvm.options (Y/I/N/O/D/Z) [default=N] ? Y
Installing new version of config file /etc/wazuh-indexer/jvm.options ...
Installing new version of config file /etc/wazuh-indexer/log4j2.properties ...
Installing new version of config file /etc/wazuh-indexer/opensearch-performance-analyzer/opensearch_security.policy ...
Configuration file '/etc/wazuh-indexer/opensearch-security/internal_users.yml'
==> Modified (by you or by a script) since installation.
==> Package distributor has shipped an updated version.
What would you like to do about it ? Your options are:
Y or I : install the package maintainer's version
N or O : keep your currently-installed version
D : show the differences between the versions
Z : start a shell to examine the situation
The default action is to keep your current version.
*** internal_users.yml (Y/I/N/O/D/Z) [default=N] ? Y
Installing new version of config file /etc/wazuh-indexer/opensearch-security/internal_users.yml ...
Installing new version of config file /etc/wazuh-indexer/opensearch-security/roles.yml ...
Installing new version of config file /etc/wazuh-indexer/opensearch-security/roles_mapping.yml ...
Running Wazuh Indexer Post-Installation Script
### NOT starting on installation, please execute the following statements to configure wazuh-indexer service to start automatically using systemd
sudo systemctl daemon-reload
sudo systemctl enable wazuh-indexer.service
### You can start wazuh-indexer service by executing
sudo systemctl start wazuh-indexer.service
Scanning processes...
Scanning linux images...
Running kernel seems to be up-to-date.
No services need to be restarted.
No containers need to be restarted.
No user sessions are running outdated binaries.
No VM guests are running outdated hypervisor (qemu) binaries on this host.
root@vagrant:/home/vagrant# systemctl daemon-reload
systemctl enable wazuh-indexer
systemctl start wazuh-indexer
Synchronizing state of wazuh-indexer.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install enable wazuh-indexer
root@vagrant:/home/vagrant# curl -k -u 'admin:pu+MkkRPr76q3aCr?3CX7H2+5jXOSOy+' https://127.0.0.1:9200/_cat/nodes?v
OpenSearch Security not initialized.root@vagrant:/home/vagrant# curl -k -u 'admin:pu+MkkRPr76q3aCr?3CX7H2+5jXOSOy+' https://127.0.0.1:9200/_cat/nodes?v
OpenSearch Security not initialized.root@vagrant:/home/vagrant# curl -k -u 'admin:pu+MkkRPr76q3aCr?3CX7H2+5jXOSOy+' https://127.0.0.1:9200/_cat/nodes?v
root@vagrant:/home/vagrant# apt-get install wazuh-indexer
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
wazuh-indexer is already the newest version (4.9.0-1).
0 upgraded, 0 newly installed, 0 to remove and 86 not upgraded.
root@vagrant:/home/vagrant# systemctl daemon-reload
systemctl enable wazuh-indexer
systemctl start wazuh-indexer
Synchronizing state of wazuh-indexer.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install enable wazuh-indexer
root@vagrant:/home/vagrant# systemctl start wazuh-indexer
root@vagrant:/home/vagrant# curl -k -u 'admin:pu+MkkRPr76q3aCr?3CX7H2+5jXOSOy+' https://127.0.0.1:9200/_cat/nodes?v
ip heap.percent ram.percent cpu load_1m load_5m load_15m node.role node.roles cluster_manager name
127.0.0.1 47 96 9 1.54 1.55 1.17 dimr cluster_manager,data,ingest,remote_cluster_client * node-1
root@vagrant:/home/vagrant# apt-get install wazuh-manager
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
Suggested packages:
expect
The following packages will be upgraded:
wazuh-manager
1 upgraded, 0 newly installed, 0 to remove and 85 not upgraded.
Need to get 0 B/322 MB of archives.
After this operation, 24.2 MB disk space will be freed.
(Reading database ... 159336 files and directories currently installed.)
Preparing to unpack .../wazuh-manager_4.9.0-1_amd64.deb ...
Unpacking wazuh-manager (4.9.0-1) over (4.8.2-1) ...
Setting up wazuh-manager (4.9.0-1) ...
Scanning processes...
Scanning linux images...
Running kernel seems to be up-to-date.
No services need to be restarted.
No containers need to be restarted.
No user sessions are running outdated binaries.
No VM guests are running outdated hypervisor (qemu) binaries on this host.
root@vagrant:/home/vagrant# /var/ossec/bin/wazuh-keystore -f indexer -k username -v admin
root@vagrant:/home/vagrant# /var/ossec/bin/wazuh-keystore -f indexer -k password -v pu+MkkRPr76q3aCr?3CX7H2+5jXOSOy+
root@vagrant:/home/vagrant# curl -s https://packages-dev.wazuh.com/pre-release/filebeat/wazuh-filebeat-0.4.tar.gz | sudo tar -xvz -C /usr/share/filebeat/module
wazuh/
wazuh/_meta/
wazuh/_meta/docs.asciidoc
wazuh/_meta/fields.yml
wazuh/_meta/config.yml
wazuh/alerts/
wazuh/alerts/config/
wazuh/alerts/config/alerts.yml
wazuh/alerts/manifest.yml
wazuh/alerts/ingest/
wazuh/alerts/ingest/pipeline.json
wazuh/module.yml
wazuh/archives/
wazuh/archives/config/
wazuh/archives/config/archives.yml
wazuh/archives/manifest.yml
wazuh/archives/ingest/
wazuh/archives/ingest/pipeline.json
root@vagrant:/home/vagrant# curl -so /etc/filebeat/wazuh-template.json https://raw.githubusercontent.com/wazuh/wazuh/v4.9.0/extensions/elasticsearch/7.x/wazuh-template.json
chmod go+r /etc/filebeat/wazuh-template.json
root@vagrant:/home/vagrant# systemctl daemon-reload
systemctl enable filebeat
systemctl start filebeat
Synchronizing state of filebeat.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install enable filebeat
root@vagrant:/home/vagrant# filebeat setup --pipelines
filebeat setup --index-management -E output.logstash.enabled=false
Loaded Ingest pipelines
ILM policy and write alias loading not enabled.
Index setup finished.
root@vagrant:/home/vagrant# apt-get install wazuh-dashboard
Reading package lists... Done
Building dependency tree... Done
Reading state information... Done
The following packages will be upgraded:
wazuh-dashboard
1 upgraded, 0 newly installed, 0 to remove and 84 not upgraded.
Need to get 166 MB of archives.
After this operation, 64.3 MB disk space will be freed.
Get:1 https://packages-dev.wazuh.com/pre-release/apt unstable/main amd64 wazuh-dashboard amd64 4.9.0-2 [166 MB]
Fetched 166 MB in 11s (15.0 MB/s)
(Reading database ... 161283 files and directories currently installed.)
Preparing to unpack .../wazuh-dashboard_4.9.0-2_amd64.deb ...
Unpacking wazuh-dashboard (4.9.0-2) over (4.8.2-1) ...
Setting up wazuh-dashboard (4.9.0-2) ...
Installing new version of config file /etc/systemd/system/wazuh-dashboard ...
Installing new version of config file /etc/wazuh-dashboard/node.options ...
Configuration file '/etc/wazuh-dashboard/opensearch_dashboards.yml'
==> Modified (by you or by a script) since installation.
==> Package distributor has shipped an updated version.
What would you like to do about it ? Your options are:
Y or I : install the package maintainer's version
N or O : keep your currently-installed version
D : show the differences between the versions
Z : start a shell to examine the situation
The default action is to keep your current version.
*** opensearch_dashboards.yml (Y/I/N/O/D/Z) [default=N] ? Y
Installing new version of config file /etc/wazuh-dashboard/opensearch_dashboards.yml ...
Scanning processes...
Scanning linux images...
Running kernel seems to be up-to-date.
No services need to be restarted.
No containers need to be restarted.
No user sessions are running outdated binaries.
No VM guests are running outdated hypervisor (qemu) binaries on this host.
root@vagrant:/home/vagrant# systemctl daemon-reload
systemctl enable wazuh-dashboard
systemctl start wazuh-dashboard
Verify filesroot@vagrant:/home/vagrant# cat /etc/default/wazuh-dashboard
user="wazuh-dashboard"
group="wazuh-dashboard"
chroot="/"
chdir="/"
nice=""
KILL_ON_STOP_TIMEOUT=0
OSD_PATH_CONF="/etc/wazuh-dashboard"
root@vagrant:/home/vagrant# cat /usr/share/wazuh-dashboard/bin/opensearch-dashboards
#!/bin/sh
#
# SPDX-License-Identifier: Apache-2.0
#
# The OpenSearch Contributors require contributions made to
# this file be licensed under the Apache-2.0 license or a
# compatible open source license.
#
# Any modifications Copyright OpenSearch Contributors. See
# GitHub history for details.
#
SCRIPT="$0"
# SCRIPT may be an arbitrarily deep series of symlinks. Loop until we have the concrete path.
while [ -h "$SCRIPT" ] ; do
loc=$(ls -ld "$SCRIPT")
# Drop everything prior to ->
link=$(expr "$loc" : '.*-> \(.*\)$')
if expr "$link" : '/.*' > /dev/null; then
SCRIPT="$link"
else
SCRIPT=$(dirname "$SCRIPT")/"$link"
fi
done
# Get an absolute path for OSD_HOME
OSD_HOME="$(cd "$(dirname "${SCRIPT}")/.."; pwd)"
OSD_PATH_CONF="/etc/wazuh-dashboard" OSD_NODE_OPTS_PREFIX="--no-warnings --max-http-header-size=65536" OSD_USE_NODE_JS_FILE_PATH=/src/cli/dist NODE_ENV=production exec ${OSD_HOME}/bin/use_node "${@}"
root@vagrant:/home/vagrant# ls -l /etc/wazuh-dashboard/
total 20
dr-x------ 2 wazuh-dashboard wazuh-dashboard 4096 Sep 6 16:45 certs
-rw-r----- 1 wazuh-dashboard wazuh-dashboard 312 May 5 2023 node.options
-rw-r----- 1 wazuh-dashboard wazuh-dashboard 254 Sep 6 16:46 opensearch_dashboards.keystore
-rw-r----- 1 wazuh-dashboard wazuh-dashboard 642 May 5 2023 opensearch_dashboards.yml
-rw-r----- 1 wazuh-dashboard wazuh-dashboard 714 Sep 6 16:45 opensearch_dashboards.yml.dpkg-old
root@vagrant:/home/vagrant# ls -l /usr/share/wazuh-dashboard/config/
total 8
-rw-r----- 1 wazuh-dashboard wazuh-dashboard 312 May 5 2023 node.options
-rw-r----- 1 wazuh-dashboard wazuh-dashboard 642 May 5 2023 opensearch_dashboards.yml
|
RPM testingStep-by-Step 4.9.0 RPM 🟢
Wazuh installation assistant 4.9.0 RPM 🟢
Step-by-Step Upgrade 4.8.2 - 4.9.0 RPM 🟢
Wazuh installation assistant Upgrade 4.8.2 - 4.9.0 RPM 🟢
|
DEB testingWazuh installation assistant 4.9.0 DEB 🟢
Step-by-Step Upgrade 4.8.2 - 4.9.0 DEB 🟢
Wazuh installation assistant Upgrade 4.8.2 - 4.9.0 DEB 🟢
|
DEB testingStep-by-Step 4.9.0 DEB 🟢
|
AMI 🟢
|
|
As the package has been widely tested and released, we can conclude the testing |
yenienserrano
pushed a commit
to yenienserrano/wazuh-dashboard
that referenced
this issue
Oct 2, 2024
…arch-project#6525) * feat: add workspace list Signed-off-by: tygao <[email protected]> * doc: update changelog Signed-off-by: tygao <[email protected]> * fix test for delete workspace modal (wazuh#299) Signed-off-by: tygao <[email protected]> * update function name and modal Signed-off-by: tygao <[email protected]> --------- Signed-off-by: tygao <[email protected]> (cherry picked from commit 2a94f32) Signed-off-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com> # Conflicts: # CHANGELOG.md Co-authored-by: github-actions[bot] <github-actions[bot]@users.noreply.github.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Description
After an issue was found after upgrading environments to 4.9.0, a new 4.9.0-2 package was generated .
We need to test all the packages, upgrading from 4.7 and from 4.8 to make sure that there are no errors
The text was updated successfully, but these errors were encountered: