Release 4.3.6 - Release Candidate 1 - E2E UX tests - Wazuh Dashboard #14348
pepitoenpeligro added the module/app/kibana, type/test/manual and release test/4.3.6 labels on Jul 19, 2022
0. Installation logs 🟢
dashboard /var/log/wazuh-install.log
19/07/2022 05:20:54 INFO: Starting Wazuh installation assistant. Wazuh version: 4.3.6
19/07/2022 05:20:54 INFO: Verbose logging redirected to /var/log/wazuh-install.log
[wazuh]
gpgcheck=1
gpgkey=https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH
enabled=1
name=EL-${releasever} - Wazuh
baseurl=https://packages-dev.wazuh.com/pre-release/yum/
protect=1
19/07/2022 05:20:59 INFO: Wazuh development repository added.
19/07/2022 05:21:00 INFO: --- Wazuh dashboard ----
19/07/2022 05:21:00 INFO: Starting Wazuh dashboard installation.
Loaded plugins: extras_suggestions, langpacks, priorities, update-motd
Resolving Dependencies
--> Running transaction check
---> Package wazuh-dashboard.x86_64 0:4.3.6-1 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
wazuh-dashboard x86_64 4.3.6-1 wazuh 150 M
Transaction Summary
================================================================================
Install 1 Package
Total download size: 150 M
Installed size: 588 M
Downloading packages:
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : wazuh-dashboard-4.3.6-1.x86_64 1/1
Verifying : wazuh-dashboard-4.3.6-1.x86_64 1/1
Installed:
wazuh-dashboard.x86_64 0:4.3.6-1
Complete!
19/07/2022 05:21:49 INFO: Wazuh dashboard installation finished.
19/07/2022 05:21:49 INFO: Wazuh dashboard post-install configuration finished.
19/07/2022 05:21:49 INFO: Starting service wazuh-dashboard.
Created symlink from /etc/systemd/system/multi-user.target.wants/wazuh-dashboard.service to /etc/systemd/system/wazuh-dashboard.service.
19/07/2022 05:21:50 INFO: wazuh-dashboard service started.
19/07/2022 05:22:16 INFO: Initializing Wazuh dashboard web application.
19/07/2022 05:22:17 INFO: Wazuh dashboard web application initialized.
19/07/2022 05:22:17 INFO: Installation finished.
indexer /var/log/wazuh-install.log
19/07/2022 05:19:30 INFO: Starting Wazuh installation assistant. Wazuh version: 4.3.6
19/07/2022 05:19:30 INFO: Verbose logging redirected to /var/log/wazuh-install.log
Security Admin v7
Will connect to 172.31.23.179:9300 ... done
Connected as CN=admin,OU=Wazuh,O=Wazuh,L=California,C=US
OpenSearch Version: 1.2.4
OpenSearch Security Version: 1.2.4.0
Contacting opensearch cluster 'opensearch' and wait for YELLOW clusterstate ...
Clustername: wazuh-indexer-cluster
Clusterstate: GREEN
Number of nodes: 1
Number of data nodes: 1
.opendistro_security index does not exists, attempt to create it ... done (0-all replicas)
Populate config from /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/
Will update '_doc/config' with /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/config.yml
SUCC: Configuration for 'config' created or updated
Will update '_doc/roles' with /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/roles.yml
SUCC: Configuration for 'roles' created or updated
Will update '_doc/rolesmapping' with /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/roles_mapping.yml
SUCC: Configuration for 'rolesmapping' created or updated
Will update '_doc/internalusers' with /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/internal_users.yml
SUCC: Configuration for 'internalusers' created or updated
Will update '_doc/actiongroups' with /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/action_groups.yml
SUCC: Configuration for 'actiongroups' created or updated
Will update '_doc/tenants' with /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/tenants.yml
SUCC: Configuration for 'tenants' created or updated
Will update '_doc/nodesdn' with /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/nodes_dn.yml
SUCC: Configuration for 'nodesdn' created or updated
Will update '_doc/whitelist' with /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/whitelist.yml
SUCC: Configuration for 'whitelist' created or updated
Will update '_doc/audit' with /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/audit.yml
SUCC: Configuration for 'audit' created or updated
Done with success
19/07/2022 05:19:40 INFO: Wazuh indexer cluster security configuration initialized.
{"acknowledged":true}
Security Admin v7
Will connect to 172.31.23.179:9300 ... done
Connected as CN=admin,OU=Wazuh,O=Wazuh,L=California,C=US
OpenSearch Version: 1.2.4
OpenSearch Security Version: 1.2.4.0
Contacting opensearch cluster 'opensearch' and wait for YELLOW clusterstate ...
Clustername: wazuh-indexer-cluster
Clusterstate: GREEN
Number of nodes: 1
Number of data nodes: 1
.opendistro_security index already exists, so we do not need to create one.
Will retrieve '_doc/config' into /usr/share/wazuh-indexer/backup/config.yml
SUCC: Configuration for 'config' stored in /usr/share/wazuh-indexer/backup/config.yml
Will retrieve '_doc/roles' into /usr/share/wazuh-indexer/backup/roles.yml
SUCC: Configuration for 'roles' stored in /usr/share/wazuh-indexer/backup/roles.yml
Will retrieve '_doc/rolesmapping' into /usr/share/wazuh-indexer/backup/roles_mapping.yml
SUCC: Configuration for 'rolesmapping' stored in /usr/share/wazuh-indexer/backup/roles_mapping.yml
Will retrieve '_doc/internalusers' into /usr/share/wazuh-indexer/backup/internal_users.yml
SUCC: Configuration for 'internalusers' stored in /usr/share/wazuh-indexer/backup/internal_users.yml
Will retrieve '_doc/actiongroups' into /usr/share/wazuh-indexer/backup/action_groups.yml
SUCC: Configuration for 'actiongroups' stored in /usr/share/wazuh-indexer/backup/action_groups.yml
Will retrieve '_doc/tenants' into /usr/share/wazuh-indexer/backup/tenants.yml
SUCC: Configuration for 'tenants' stored in /usr/share/wazuh-indexer/backup/tenants.yml
Will retrieve '_doc/nodesdn' into /usr/share/wazuh-indexer/backup/nodes_dn.yml
SUCC: Configuration for 'nodesdn' stored in /usr/share/wazuh-indexer/backup/nodes_dn.yml
Will retrieve '_doc/whitelist' into /usr/share/wazuh-indexer/backup/whitelist.yml
SUCC: Configuration for 'whitelist' stored in /usr/share/wazuh-indexer/backup/whitelist.yml
Will retrieve '_doc/audit' into /usr/share/wazuh-indexer/backup/audit.yml
SUCC: Configuration for 'audit' stored in /usr/share/wazuh-indexer/backup/audit.yml
Security Admin v7
Will connect to 172.31.23.179:9300 ... done
Connected as CN=admin,OU=Wazuh,O=Wazuh,L=California,C=US
OpenSearch Version: 1.2.4
OpenSearch Security Version: 1.2.4.0
Contacting opensearch cluster 'opensearch' and wait for YELLOW clusterstate ...
Clustername: wazuh-indexer-cluster
Clusterstate: GREEN
Number of nodes: 1
Number of data nodes: 1
.opendistro_security index already exists, so we do not need to create one.
Populate config from /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/
Will update '_doc/config' with /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/config.yml
SUCC: Configuration for 'config' created or updated
Will update '_doc/roles' with /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/roles.yml
SUCC: Configuration for 'roles' created or updated
Will update '_doc/rolesmapping' with /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/roles_mapping.yml
SUCC: Configuration for 'rolesmapping' created or updated
Will update '_doc/internalusers' with /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/internal_users.yml
SUCC: Configuration for 'internalusers' created or updated
Will update '_doc/actiongroups' with /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/action_groups.yml
SUCC: Configuration for 'actiongroups' created or updated
Will update '_doc/tenants' with /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/tenants.yml
SUCC: Configuration for 'tenants' created or updated
Will update '_doc/nodesdn' with /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/nodes_dn.yml
SUCC: Configuration for 'nodesdn' created or updated
Will update '_doc/whitelist' with /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/whitelist.yml
SUCC: Configuration for 'whitelist' created or updated
Will update '_doc/audit' with /usr/share/wazuh-indexer/plugins/opensearch-security/securityconfig/audit.yml
SUCC: Configuration for 'audit' created or updated
Done with success
19/07/2022 05:19:58 INFO: Wazuh indexer cluster started.
server /var/log/wazuh-install.log
19/07/2022 05:20:52 INFO: Starting Wazuh installation assistant. Wazuh version: 4.3.6
19/07/2022 05:20:52 INFO: Verbose logging redirected to /var/log/wazuh-install.log
[wazuh]
gpgcheck=1
gpgkey=https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH
enabled=1
name=EL-${releasever} - Wazuh
baseurl=https://packages-dev.wazuh.com/pre-release/yum/
protect=1
19/07/2022 05:20:58 INFO: Wazuh development repository added.
19/07/2022 05:20:58 INFO: --- Wazuh server ---
19/07/2022 05:20:58 INFO: Starting the Wazuh manager installation.
Loaded plugins: extras_suggestions, langpacks, priorities, update-motd
Resolving Dependencies
--> Running transaction check
---> Package wazuh-manager.x86_64 0:4.3.6-1 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
wazuh-manager x86_64 4.3.6-1 wazuh 114 M
Transaction Summary
================================================================================
Install 1 Package
Total download size: 114 M
Installed size: 437 M
Downloading packages:
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : wazuh-manager-4.3.6-1.x86_64 1/1
Verifying : wazuh-manager-4.3.6-1.x86_64 1/1
Installed:
wazuh-manager.x86_64 0:4.3.6-1
Complete!
19/07/2022 05:21:25 INFO: Wazuh manager installation finished.
19/07/2022 05:21:25 INFO: Starting service wazuh-manager.
Created symlink from /etc/systemd/system/multi-user.target.wants/wazuh-manager.service to /usr/lib/systemd/system/wazuh-manager.service.
19/07/2022 05:21:40 INFO: wazuh-manager service started.
19/07/2022 05:21:40 INFO: Starting Filebeat installation.
Existing lock /var/run/yum.pid: another copy is running as pid 7756.
Another app is currently holding the yum lock; waiting for it to exit...
The other application is: yum
Memory : 166 M RSS (384 MB VSZ)
Started: Tue Jul 19 05:21:38 2022 - 00:03 ago
State : Running, pid: 7756
Another app is currently holding the yum lock; waiting for it to exit...
The other application is: yum
Memory : 164 M RSS (382 MB VSZ)
Started: Tue Jul 19 05:21:38 2022 - 00:05 ago
State : Running, pid: 7756
19/07/2022 05:22:34 INFO: Filebeat installation finished.
wazuh/
wazuh/module.yml
wazuh/archives/
wazuh/archives/config/
wazuh/archives/config/archives.yml
wazuh/archives/ingest/
wazuh/archives/ingest/pipeline.json
wazuh/archives/manifest.yml
wazuh/alerts/
wazuh/alerts/config/
wazuh/alerts/config/alerts.yml
wazuh/alerts/ingest/
wazuh/alerts/ingest/pipeline.json
wazuh/alerts/manifest.yml
wazuh/_meta/
wazuh/_meta/config.yml
wazuh/_meta/fields.yml
wazuh/_meta/docs.asciidoc
Created filebeat keystore
Successfully updated the keystore
Successfully updated the keystore
19/07/2022 05:22:35 INFO: Filebeat post-install configuration finished.
Successfully updated the keystore
19/07/2022 05:22:46 INFO: Starting service filebeat.
Created symlink from /etc/systemd/system/multi-user.target.wants/filebeat.service to /usr/lib/systemd/system/filebeat.service.
19/07/2022 05:22:46 INFO: filebeat service started.
19/07/2022 05:22:46 INFO: Installation finished.
Wazuh Dashboard Package specs 🟢
yum info wazuh-dashboard
Loaded plugins: extras_suggestions, langpacks, priorities, update-motd
Installed Packages
Name : wazuh-dashboard
Arch : x86_64
Version : 4.3.6
Release : 1
Size : 588 M
Repo : installed
From repo : wazuh
Summary : Wazuh dashboard is a user interface and visualization tool for security-related data. Documentation can be found at
: https://documentation.wazuh.com/current/getting-started/components/wazuh-dashboard.html
URL : https://www.wazuh.com/
License : GPL
Description : Wazuh dashboard is a user interface and visualization tool for security-related data. This Wazuh central component enables exploring, visualizing, and analyzing the stored security alerts generated
: by the Wazuh server. Wazuh dashboard enables inspecting the status and managing the configurations of the Wazuh cluster and agents as well as creating and managing users and roles. In addition, it
: allows testing the ruleset and making calls to the Wazuh API. Documentation can be found at https://documentation.wazuh.com/current/getting-started/components/wazuh-dashboard.html
rpm -qi $(rpm -qa | awk '/dashboard/ {print $0}')
Name : wazuh-dashboard
Version : 4.3.6
Release : 1
Architecture: x86_64
Install Date: Tue 19 Jul 2022 05:21:44 AM UTC
Group : System Environment/Daemons
Size : 616324112
License : GPL
Signature : RSA/SHA256, Mon 18 Jul 2022 07:56:47 PM UTC, Key ID 96b3ee5f29111145
Source RPM : wazuh-dashboard-4.3.6-1.src.rpm
Build Date : Mon 18 Jul 2022 07:47:44 PM UTC
Build Host : ip-172-31-95-149.ec2.internal
Relocations : (not relocatable)
Packager : Wazuh, Inc <info@wazuh.com>
Vendor : Wazuh, Inc <info@wazuh.com>
URL : https://www.wazuh.com/
Summary : Wazuh dashboard is a user interface and visualization tool for security-related data. Documentation can be found at https://documentation.wazuh.com/current/getting-started/components/wazuh-dashboard.html
Description :
Wazuh dashboard is a user interface and visualization tool for security-related data. This Wazuh central component enables exploring, visualizing, and analyzing the stored security alerts generated by the Wazuh server. Wazuh dashboard enables inspecting the status and managing the configurations of the Wazuh cluster and agents as well as creating and managing users and roles. In addition, it allows testing the ruleset and making calls to the Wazuh API. Documentation can be found at https://documentation.wazuh.com/current/getting-started/components/wazuh-dashboard.html
Dashboard package metadata (description) 🟢
yum -C search wazuh-dashboard
Loaded plugins: extras_suggestions, langpacks, priorities, update-motd
=============================================================================================== N/S matched: wazuh-dashboard ================================================================================================
wazuh-dashboard.x86_64 : Wazuh dashboard is a user interface and visualization tool for security-related data. Documentation can be found at
: https://documentation.wazuh.com/current/getting-started/components/wazuh-dashboard.html
Name and summary matches only, use "search all" for everything.
Grabacion.de.pantalla.2022-07-19.a.las.7.45.04.mov
Dashboard package digital signature 🟢
rpm -qi $(rpm -qa | awk '/dashboard/ {print $0}') | awk '/Name|Install|Signature/ {print $0}'
Name : wazuh-dashboard
Install Date: Tue 19 Jul 2022 05:21:44 AM UTC
Signature : RSA/SHA256, Mon 18 Jul 2022 07:56:47 PM UTC, Key ID 96b3ee5f29111145
rpm -q gpg-pubkey --qf '%{NAME}-%{VERSION}-%{RELEASE}\t%{SUMMARY}\n'
gpg-pubkey-c87f5b1a-593863f8 gpg(Amazon Linux <amazon-linux@amazon.com>)
gpg-pubkey-29111145-591cd381 gpg(Wazuh.com (Wazuh Signing Key) <support@wazuh.com>)
Installed files location, size and permissions 🟢
Installation Footprint 🟢
dashboard /var/log/wazuh-install.log
19/07/2022 05:20:54 INFO: Starting Wazuh installation assistant. Wazuh version: 4.3.6
19/07/2022 05:20:54 INFO: Verbose logging redirected to /var/log/wazuh-install.log
[wazuh]
gpgcheck=1
gpgkey=https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH
enabled=1
name=EL-${releasever} - Wazuh
baseurl=https://packages-dev.wazuh.com/pre-release/yum/
protect=1
19/07/2022 05:20:59 INFO: Wazuh development repository added.
19/07/2022 05:21:00 INFO: --- Wazuh dashboard ----
19/07/2022 05:21:00 INFO: Starting Wazuh dashboard installation.
Loaded plugins: extras_suggestions, langpacks, priorities, update-motd
Resolving Dependencies
--> Running transaction check
---> Package wazuh-dashboard.x86_64 0:4.3.6-1 will be installed
--> Finished Dependency Resolution
Dependencies Resolved
================================================================================
Package Arch Version Repository Size
================================================================================
Installing:
wazuh-dashboard x86_64 4.3.6-1 wazuh 150 M
Transaction Summary
================================================================================
Install 1 Package
Total download size: 150 M
Installed size: 588 M
Downloading packages:
Running transaction check
Running transaction test
Transaction test succeeded
Running transaction
Installing : wazuh-dashboard-4.3.6-1.x86_64 1/1
Verifying : wazuh-dashboard-4.3.6-1.x86_64 1/1
Installed:
wazuh-dashboard.x86_64 0:4.3.6-1
Complete!
19/07/2022 05:21:49 INFO: Wazuh dashboard installation finished.
19/07/2022 05:21:49 INFO: Wazuh dashboard post-install configuration finished.
19/07/2022 05:21:49 INFO: Starting service wazuh-dashboard.
Created symlink from /etc/systemd/system/multi-user.target.wants/wazuh-dashboard.service to /etc/systemd/system/wazuh-dashboard.service.
19/07/2022 05:21:50 INFO: wazuh-dashboard service started.
19/07/2022 05:22:16 INFO: Initializing Wazuh dashboard web application.
19/07/2022 05:22:17 INFO: Wazuh dashboard web application initialized.
19/07/2022 05:22:17 INFO: Installation finished.
Wazuh Dashboard configuration 🟢
local wazuh.yaml in 4.3.4
---
#
# Wazuh dashboard - App configuration file
# Copyright (C) 2015-2022 Wazuh, Inc.
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# Find more information about this on the LICENSE file.
#
# ======================== Wazuh dashboard configuration file ========================
#
# Please check the documentation for more information on configuration options:
# https://documentation.wazuh.com/current/installation-guide/index.html
#
# Also, you can check our repository:
# https://github.com/wazuh/wazuh-kibana-app
#
# ------------------------------- Disable roles -------------------------------
#
# Defines which Elasticsearch roles disable Wazuh
# disabled_roles:
# - wazuh_disabled
#
# ------------------------------- Index patterns -------------------------------
#
# Default index pattern to use.
#pattern: wazuh-alerts-*
#
# ----------------------------------- Checks -----------------------------------
#
# Defines which checks must to be consider by the healthcheck
# step once the Wazuh dashboard starts. Values must to be true or false.
#checks.pattern : true
#checks.template: true
#checks.fields : true
#checks.api : true
#checks.setup : true
#checks.metaFields: true
#checks.timeFilter: true
#checks.maxBuckets: true
#
# --------------------------------- Extensions ---------------------------------
#
# Defines which extensions should be activated when you add a new API entry.
# You can change them after Wazuh dashboard starts.
# Values must to be true or false.
#extensions.pci : true
#extensions.gdpr : true
#extensions.hipaa : true
#extensions.nist : true
#extensions.tsc : true
#extensions.audit : true
#extensions.oscap : false
#extensions.ciscat : false
#extensions.aws : false
#extensions.gcp : false
#extensions.virustotal: false
#extensions.osquery : false
#extensions.docker : false
#
# ---------------------------------- Timeout ----------------------------------
#
# Defines maximum timeout to be used on the Wazuh dashboard requests.
# It will be ignored if it is bellow 1500.
# It means milliseconds before we consider a request as failed.
# Default: 20000
#timeout: 20000
#
# -------------------------------- API selector --------------------------------
#
# Defines if the user is allowed to change the selected
# API directly from the Wazuh dashboard top menu.
# Default: true
#api.selector: true
#
# --------------------------- Index pattern selector ---------------------------
#
# Defines if the user is allowed to change the selected
# index pattern directly from the Wazuh dashboard top menu.
# Default: true
#ip.selector: true
#
# List of index patterns to be ignored
#ip.ignore: []
#
# ------------------------------ wazuh-monitoring ------------------------------
#
# Custom setting to enable/disable wazuh-monitoring indices.
# Values: true, false, worker
# If worker is given as value, the app will show the Agents status
# visualization but won't insert data on wazuh-monitoring indices.
# Default: true
#wazuh.monitoring.enabled: true
#
# Custom setting to set the frequency for wazuh-monitoring indices cron task.
# Default: 900 (s)
#wazuh.monitoring.frequency: 900
#
# Configure wazuh-monitoring-* indices shards and replicas.
#wazuh.monitoring.shards: 1
#wazuh.monitoring.replicas: 0
#
# Configure wazuh-monitoring-* indices custom creation interval.
# Values: h (hourly), d (daily), w (weekly), m (monthly)
# Default: w
#wazuh.monitoring.creation: w
#
# Default index pattern to use for Wazuh monitoring
#wazuh.monitoring.pattern: wazuh-monitoring-*
#
# --------------------------------- wazuh-cron ----------------------------------
#
# Customize the index prefix of predefined jobs
# This change is not retroactive, if you change it new indexes will be created
# cron.prefix: wazuh
#
# --------------------------------- wazuh-sample-alerts -------------------------
#
# Customize the index name prefix of sample alerts
# This change is not retroactive, if you change it new indexes will be created
# It should match with a valid index template to avoid unknown fields on
# dashboards
#alerts.sample.prefix: wazuh-alerts-4.x-
#
# ------------------------------ wazuh-statistics -------------------------------
#
# Custom setting to enable/disable statistics tasks.
#cron.statistics.status: true
#
# Enter the ID of the APIs you want to save data from, leave this empty to run
# the task on all configured APIs
#cron.statistics.apis: []
#
# Define the frequency of task execution using cron schedule expressions
#cron.statistics.interval: 0 */5 * * * *
#
# Define the name of the index in which the documents are to be saved.
#cron.statistics.index.name: statistics
#
# Define the interval in which the index will be created
#cron.statistics.index.creation: w
#
# Configure statistics indices shards and replicas.
#cron.statistics.shards: 1
#cron.statistics.replicas: 0
#
# ------------------------------ wazuh-logo-customization -------------------------------
#
#Define the name of the app logo saved in the path /plugins/wazuh/assets/
#customization.logo.app: ''
#
#Define the name of the sidebar logo saved in the path /plugins/wazuh/assets/
#customization.logo.sidebar: ''
#
#Define the name of the health-check logo saved in the path /plugins/wazuh/assets/
#customization.logo.healthcheck: ''
#
#Define the name of the reports logo (.png) saved in the path /plugins/wazuh/assets/
#customization.logo.reports: ''
#
# ---------------------------- Hide manager alerts ------------------------------
# Hide the alerts of the manager in all dashboards and discover
#hideManagerAlerts: false
#
# ------------------------------- App logging level -----------------------------
# Set the logging level for the Wazuh dashboard log files.
# Default value: info
# Allowed values: info, debug
#logs.level: info
#
# -------------------------------- Enrollment DNS -------------------------------
# Set the variable WAZUH_REGISTRATION_SERVER in agents deployment.
# Default value: ''
#enrollment.dns: ''
#
# Wazuh registration password
# Default value: ''
#enrollment.password: ''
#-------------------------------- API entries -----------------------------------
#The following configuration is the default structure to define an API entry.
#
#hosts:
# - <id>:
# URL
# API url
# url: http(s)://<url>
# Port
# API port
# port: <port>
# Username
# API user's username
# username: <username>
# Password
# API user's password
# password: <password>
# Run as
# Define how the app user gets his/her app permissions.
# Values:
# - true: use his/her authentication context. Require Wazuh API user allows run_as.
# - false or not defined: get same permissions of Wazuh API user.
# run_as: <true|false>
hosts:
  - default:
      url: https://localhost
      port: 55000
      username: wazuh-wui
      password: wazuh-wui
      run_as: false
Wazuh.yaml in 4.3.5 on aws
---
#
# Wazuh dashboard - App configuration file
# Copyright (C) 2015-2022 Wazuh, Inc.
#
# This program is free software; you can redistribute it and/or modify
# it under the terms of the GNU General Public License as published by
# the Free Software Foundation; either version 2 of the License, or
# (at your option) any later version.
#
# Find more information about this on the LICENSE file.
#
# ======================== Wazuh dashboard configuration file ========================
#
# Please check the documentation for more information on configuration options:
# https://documentation.wazuh.com/4.3/installation-guide/index.html
#
# Also, you can check our repository:
# https://github.com/wazuh/wazuh-kibana-app
#
# ------------------------------- Disable roles -------------------------------
#
# Defines which Elasticsearch roles disable Wazuh
# disabled_roles:
# - wazuh_disabled
#
# ------------------------------- Index patterns -------------------------------
#
# Default index pattern to use.
#pattern: wazuh-alerts-*
#
# ----------------------------------- Checks -----------------------------------
#
# Defines which checks must to be consider by the healthcheck
# step once the Wazuh dashboard starts. Values must to be true or false.
#checks.pattern : true
#checks.template: true
#checks.fields : true
#checks.api : true
#checks.setup : true
#checks.metaFields: true
#checks.timeFilter: true
#checks.maxBuckets: true
#
# --------------------------------- Extensions ---------------------------------
#
# Defines which extensions should be activated when you add a new API entry.
# You can change them after Wazuh dashboard starts.
# Values must to be true or false.
#extensions.pci : true
#extensions.gdpr : true
#extensions.hipaa : true
#extensions.nist : true
#extensions.tsc : true
#extensions.audit : true
#extensions.oscap : false
#extensions.ciscat : false
#extensions.aws : false
#extensions.gcp : false
#extensions.virustotal: false
#extensions.osquery : false
#extensions.docker : false
#
# ---------------------------------- Timeout ----------------------------------
#
# Defines maximum timeout to be used on the Wazuh dashboard requests.
# It will be ignored if it is bellow 1500.
# It means milliseconds before we consider a request as failed.
# Default: 20000
#timeout: 20000
#
# -------------------------------- API selector --------------------------------
#
# Defines if the user is allowed to change the selected
# API directly from the Wazuh dashboard top menu.
# Default: true
#api.selector: true
#
# --------------------------- Index pattern selector ---------------------------
#
# Defines if the user is allowed to change the selected
# index pattern directly from the Wazuh dashboard top menu.
# Default: true
#ip.selector: true
#
# List of index patterns to be ignored
#ip.ignore: []
#
# ------------------------------ wazuh-monitoring ------------------------------
#
# Custom setting to enable/disable wazuh-monitoring indices.
# Values: true, false, worker
# If worker is given as value, the app will show the Agents status
# visualization but won't insert data on wazuh-monitoring indices.
# Default: true
#wazuh.monitoring.enabled: true
#
# Custom setting to set the frequency for wazuh-monitoring indices cron task.
# Default: 900 (s)
#wazuh.monitoring.frequency: 900
#
# Configure wazuh-monitoring-* indices shards and replicas.
#wazuh.monitoring.shards: 1
#wazuh.monitoring.replicas: 0
#
# Configure wazuh-monitoring-* indices custom creation interval.
# Values: h (hourly), d (daily), w (weekly), m (monthly)
# Default: w
#wazuh.monitoring.creation: w
#
# Default index pattern to use for Wazuh monitoring
#wazuh.monitoring.pattern: wazuh-monitoring-*
#
# --------------------------------- wazuh-cron ----------------------------------
#
# Customize the index prefix of predefined jobs
# This change is not retroactive, if you change it new indexes will be created
# cron.prefix: wazuh
#
# --------------------------------- wazuh-sample-alerts -------------------------
#
# Customize the index name prefix of sample alerts
# This change is not retroactive, if you change it new indexes will be created
# It should match with a valid index template to avoid unknown fields on
# dashboards
#alerts.sample.prefix: wazuh-alerts-4.x-
#
# ------------------------------ wazuh-statistics -------------------------------
#
# Custom setting to enable/disable statistics tasks.
#cron.statistics.status: true
#
# Enter the ID of the APIs you want to save data from, leave this empty to run
# the task on all configured APIs
#cron.statistics.apis: []
#
# Define the frequency of task execution using cron schedule expressions
#cron.statistics.interval: 0 */5 * * * *
#
# Define the name of the index in which the documents are to be saved.
#cron.statistics.index.name: statistics
#
# Define the interval in which the index will be created
#cron.statistics.index.creation: w
#
# Configure statistics indices shards and replicas.
#cron.statistics.shards: 1
#cron.statistics.replicas: 0
#
# ------------------------------ wazuh-logo-customization -------------------------------
#
#Define the name of the app logo saved in the path /plugins/wazuh/assets/
#customization.logo.app: ''
#
#Define the name of the sidebar logo saved in the path /plugins/wazuh/assets/
#customization.logo.sidebar: ''
#
#Define the name of the health-check logo saved in the path /plugins/wazuh/assets/
#customization.logo.healthcheck: ''
#
#Define the name of the reports logo (.png) saved in the path /plugins/wazuh/assets/
#customization.logo.reports: ''
#
# ---------------------------- Hide manager alerts ------------------------------
# Hide the alerts of the manager in all dashboards and discover
#hideManagerAlerts: false
#
# ------------------------------- App logging level -----------------------------
# Set the logging level for the Wazuh dashboard log files.
# Default value: info
# Allowed values: info, debug
#logs.level: info
#
# -------------------------------- Enrollment DNS -------------------------------
# Set the variable WAZUH_REGISTRATION_SERVER in agents deployment.
# Default value: ''
#enrollment.dns: ''
#
# Wazuh registration password
# Default value: ''
#enrollment.password: cffy.ajz7tJ1MR2YZGl1t9iWtZElT3jr
#-------------------------------- API entries -----------------------------------
#The following configuration is the default structure to define an API entry.
#
#hosts:
#  - <id>:
#      URL
#      API url
#      url: http(s)://<url>
#      Port
#      API port
#      port: <port>
#      Username
#      API user's username
#      username: <username>
#      Password
#      API user's password
#      password: cffy.ajz7tJ1MR2YZGl1t9iWtZElT3jr
#      Run as
#      Define how the app user gets his/her app permissions.
#      Values:
#        - true: use his/her authentication context. Require Wazuh API user allows run_as.
#        - false or not defined: get same permissions of Wazuh API user.
#      run_as: <true|false>
hosts:
  - default:
      url: https://172.31.18.209
      port: 55000
      username: wazuh-wui
      password: cffy.ajz7tJ1MR2YZGl1t9iWtZElT3jr
      run_as: false

Diffs
New URL on documentation: https://documentation.wazuh.com/4.3/installation-guide/index.htmlt
Register Wazuh Agents 🟢
Register a Wazuh agent on OS X [Monterey] (12.4) with the default group (wazuh_os_x_agent_default_group.mov)
Register a Windows 2022 agent on group

Basic browsing through the WUI 🟢
Wazuh APP > Modules > Security Events (Grabacion.de.pantalla.2022-07-19.a.las.13.53.55.mov)
Wazuh APP > Modules > Auditing and Policy Monitoring > Policy Monitoring (Grabacion.de.pantalla.2022-07-19.a.las.13.55.32.mov)
Wazuh APP > Modules > Auditing and Policy Monitoring > Security configuration assessment (Grabacion.de.pantalla.2022-07-19.a.las.13.56.53.mov)
Wazuh APP > Modules > Threat detection and response > Vulnerabilities (Grabacion.de.pantalla.2022-07-19.a.las.13.58.20.mov)
Wazuh APP > Modules > Threat detection and response > MITRE ATT&CK (Grabacion.de.pantalla.2022-07-19.a.las.13.59.13.mov)
Wazuh APP > Modules > Regulatory compliance > PCI DSS (Grabacion.de.pantalla.2022-07-19.a.las.14.02.07.mov)
Wazuh APP > Modules > Regulatory compliance > GDPR (Grabacion.de.pantalla.2022-07-19.a.las.14.03.47.mov)
Wazuh APP > Modules > Regulatory compliance > HIPAA (Grabacion.de.pantalla.2022-07-19.a.las.14.05.22.mov)
Wazuh APP > Modules > Regulatory compliance > NIST 800-53 (Grabacion.de.pantalla.2022-07-19.a.las.14.06.30.mov)
Wazuh APP > Modules > Regulatory compliance > TSC (Grabacion.de.pantalla.2022-07-19.a.las.14.07.47.mov)
Wazuh APP > Management > Rules (Grabacion.de.pantalla.2022-07-19.a.las.14.10.07.mov)
Wazuh APP > Management > Decoders (Grabacion.de.pantalla.2022-07-19.a.las.14.11.53.mov)
Wazuh APP > Management > Groups (Grabacion.de.pantalla.2022-07-19.a.las.14.13.25.mov)
Wazuh APP > Regulatory Compliance (Grabacion.de.pantalla.2022-07-19.a.las.14.01.11.mov)
Wazuh APP > Agents (Grabacion.de.pantalla.2022-07-19.a.las.13.51.39.mov)
Wazuh APP > Tools > API Console (tested on #14348 (comment))
Wazuh APP > Tools > Ruleset Test (Grabacion.de.pantalla.2022-07-19.a.las.13.36.46.mov)
Wazuh APP > Settings and general test (Grabacion.de.pantalla.2022-07-19.a.las.14.14.38.mov)

Conclusions
The following issue aims to run the specified test for the current release candidate, report the results, and open new issues for any encountered errors.
Modules tests information
Installation procedure
Test description
Best effort to test Wazuh dashboard package. Think critically and at least review/test:
Test report procedure
All test results must have one of the following statuses:
Any failing test must be properly addressed with a new issue, detailing the error and the possible cause.
An extended report of the test results can be attached as a ZIP or TXT file. Please attach any documents, screenshots, or tables to the issue update with the results. This report can be used by the auditors to dig deeper into any possible failures and details.
Conclusions
All tests have been executed and the results can be found in the issue updates.
Auditors validation
The definition of done for this one is the validation of the conclusions and the test results from all auditors.
All checks from below must be accepted in order to close this issue.