Merge 4.7.2 into 4.8.0 #2741
Merged
Merge 4.7.2 into 4.8.0 #2741
Wazuh CI / All In One - Rhel 9 installation
succeeded
Jan 5, 2024 in 9m 8s
Test_unattended
Below you have the stage output
Details
Rhel 9 log
--------------------------------
05/01/2024 04:36:51 DEBUG: Checking root permissions.
05/01/2024 04:36:51 INFO: Starting Wazuh installation assistant. Wazuh version: 4.8.0
05/01/2024 04:36:51 INFO: Verbose logging redirected to /var/log/wazuh-install.log
05/01/2024 04:36:51 DEBUG: YUM package manager will be used.
05/01/2024 04:36:51 DEBUG: Checking system distribution.
05/01/2024 04:36:51 DEBUG: Detected distribution name: rhel
05/01/2024 04:36:51 DEBUG: Detected distribution version: 9
05/01/2024 04:36:51 DEBUG: Checking Wazuh installation.
05/01/2024 04:36:54 DEBUG: Installing check dependencies.
05/01/2024 04:36:54 DEBUG: CentOS repository file created.
05/01/2024 04:36:54 DEBUG: CentOS repositories added.
05/01/2024 04:37:02 INFO: --- Dependencies ---
05/01/2024 04:37:02 INFO: Installing lsof.
Updating Subscription Management repositories. Unable to read consumer identity This system is not registered with an entitlement server. You can use subscription-manager to register. CentOS Stream 9
- AppStream 33 MB/s | 18 MB 00:00 CentOS Stream 9 - BaseOS 9.0 MB/s | 7.9 MB 00:00 Last metadata expiration check: 0:00:02 ago on Fri 05 Jan 2024 04:37:10 AM UTC. Dependencies resolved. ==============
================================================================== Package Architecture Version Repository Size ================================================================================ Install
ing: lsof x86_64 4.94.0-3.el9 baseos 239 k Installing dependencies: libtirpc x86_64 1.3.3-2.el9 baseos 93 k Transaction Summary ========================================================================
======== Install 2 Packages Total download size: 332 k Installed size: 826 k Downloading Packages: (1/2): lsof-4.94.0-3.el9.x86_64.rpm 912 kB/s | 239 kB 00:00 (2/2): libtirpc-1.3.3-2.el9.x86_64.rpm 35
0 kB/s | 93 kB 00:00 -------------------------------------------------------------------------------- Total 1.2 MB/s | 332 kB 00:00 CentOS Stream 9 - BaseOS 1.6 MB/s | 1.6 kB 00:00 Importing GPG key 0
x8483C65D: Userid : "CentOS (CentOS Official Signing Key) <[email protected]>" Fingerprint: 99DB 70FA E1D7 CE22 7FB6 4882 05B5 55B3 8483 C65D From : /etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial Key i
mported successfully Running transaction check Transaction check succeeded. Running transaction test Transaction test succeeded. Running transaction Preparing : 1/1 Installing : libtirpc-1.3.3-2.el9.x
86_64 1/2 Installing : lsof-4.94.0-3.el9.x86_64 2/2 Running scriptlet: lsof-4.94.0-3.el9.x86_64 2/2 Verifying : libtirpc-1.3.3-2.el9.x86_64 1/2 Verifying : lsof-4.94.0-3.el9.x86_64 2/2 Installed produ
cts updated. Installed: libtirpc-1.3.3-2.el9.x86_64 lsof-4.94.0-3.el9.x86_64 Complete!
Updating Subscription Management repositories. Unable to read consumer identity This system is not registered with an entitlement server. You can use subscription-manager to register. CentOS Stream 9
- AppStream 33 MB/s | 18 MB 00:00 CentOS Stream 9 - BaseOS 9.0 MB/s | 7.9 MB 00:00 Last metadata expiration check: 0:00:02 ago on Fri 05 Jan 2024 04:37:10 AM UTC. Dependencies resolved. ==============
================================================================== Package Architecture Version Repository Size ================================================================================ Install
ing: lsof x86_64 4.94.0-3.el9 baseos 239 k Installing dependencies: libtirpc x86_64 1.3.3-2.el9 baseos 93 k Transaction Summary ========================================================================
======== Install 2 Packages Total download size: 332 k Installed size: 826 k Downloading Packages: (1/2): lsof-4.94.0-3.el9.x86_64.rpm 912 kB/s | 239 kB 00:00 (2/2): libtirpc-1.3.3-2.el9.x86_64.rpm 35
0 kB/s | 93 kB 00:00 -------------------------------------------------------------------------------- Total 1.2 MB/s | 332 kB 00:00 CentOS Stream 9 - BaseOS 1.6 MB/s | 1.6 kB 00:00 Importing GPG key 0
x8483C65D: Userid : "CentOS (CentOS Official Signing Key) <[email protected]>" Fingerprint: 99DB 70FA E1D7 CE22 7FB6 4882 05B5 55B3 8483 C65D From : /etc/pki/rpm-gpg/RPM-GPG-KEY-centosofficial Key i
mported successfully Running transaction check Transaction check succeeded. Running transaction test Transaction test succeeded. Running transaction Preparing : 1/1 Installing : libtirpc-1.3.3-2.el9.x
86_64 1/2 Installing : lsof-4.94.0-3.el9.x86_64 2/2 Running scriptlet: lsof-4.94.0-3.el9.x86_64 2/2 Verifying : libtirpc-1.3.3-2.el9.x86_64 1/2 Verifying : lsof-4.94.0-3.el9.x86_64 2/2 Installed produ
cts updated. Installed: libtirpc-1.3.3-2.el9.x86_64 lsof-4.94.0-3.el9.x86_64 Complete!
Updating Subscription Management repositories.
Unable to read consumer identity
This system is not registered with an entitlement server. You can use subscription-manager to register.
106 files removed
05/01/2024 04:37:19 DEBUG: CentOS repositories and key deleted.
05/01/2024 04:37:19 DEBUG: Checking system architecture.
05/01/2024 04:37:19 INFO: Verifying that your system meets the recommended minimum hardware requirements.
05/01/2024 04:37:19 DEBUG: CPU cores detected: 2
05/01/2024 04:37:19 DEBUG: Free RAM memory detected: 7605
05/01/2024 04:37:19 INFO: Wazuh web interface port will be 443.
05/01/2024 04:37:19 DEBUG: Checking ports availability.
05/01/2024 04:37:20 DEBUG: Installing prerequisites dependencies.
05/01/2024 04:37:21 DEBUG: Checking curl tool version.
05/01/2024 04:37:21 DEBUG: Adding the Wazuh repository.
[wazuh]
gpgcheck=1
gpgkey=https://packages-dev.wazuh.com/key/GPG-KEY-WAZUH
enabled=1
name=EL-${releasever} - Wazuh
baseurl=https://packages-dev.wazuh.com/staging/yum/
protect=1
05/01/2024 04:37:22 INFO: Wazuh development repository added.
05/01/2024 04:37:22 INFO: --- Configuration files ---
05/01/2024 04:37:22 INFO: Generating configuration files.
05/01/2024 04:37:22 DEBUG: Creating Wazuh certificates.
05/01/2024 04:37:22 DEBUG: Reading configuration file.
05/01/2024 04:37:22 DEBUG: Creating the root certificate.
.....+.+..+...+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*.+....+.....+.+..+.+............+...+.....+................+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
++++*...+.............+........+.+.....+.........+...............+.+......+..+......+.+...........+...+....+............+.........+............+..+...+.........+....+............+..............+.+..+.
...............+..+.......+..+...+...+....+...+..+...+.+..+...+.+...+...........+.........+.+.....+.......+..+...+...+....+...............+...+.....+.........+.+.........+...+..+...+...+....+........+
...+.......+.......................+...+.+...+..+.+............+..+......+.......+...+.....+.........+....+..+...+.+...+.................+...+.+............+...+.....+......+.+.....+....+.........+...
..............+.........+...+......+.+...............+..........................+....+......+..+..........+..+.+...+...........+....+..+.........+..................+.......+......+...............+..+.
+..+.........+...+......+.......+..............+...+...+....+........+.+......+..............+....+...+...+......+......+............+...+.........+.....+.........+.........+.+..+....+...+.....+.+....
.+..........+..+.......+...+........+.+..............+...............+..........+..+...+................+.....+...+.+..+...+....+..................+...+......+......+.....+....+...........+....+...+..
....+.....+....+..+...+.+..+..................+....+...+............+..+.+...............+........+....+..+.+.....+...+..........+.....+.......+..+.......+.....+..........+......+............+..+.....
..........+.+...+..+....+...+............+...+........+.......+..+.+..+................+............+..+.+.....+....+..+.........+.+..............+.+......+..............+......+...............+......
.+......+..+..........+..+...+....+.........+.....+.+.....+...+.+......+...+........+..........+.....+...+....+............+...+..+....+............+.........+.....+...+..................+....+.......
........+.....+.+...............+.....+.......+..+....+.....+....+......+.........+.....+.+.....+.........+......+.+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
.....+.....+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*............+....+...+......+..+...+.......+.....+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*........
...+................+..+.......+...+......+...............+..+...+.........+.............+..+......+.+..............+....+......+............+....................+...+.......+..+.+.........+......+...
............+......+...+..+.+.....+....+.......................+..................+...+...............+.+......+...+.....+.+......+.....+.......+.....+......+....+......+.....+....+...+.....+....+....
.+...+.+..+............+.+....................+.+.........+..+....+......+.....+.......+...+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
-----
05/01/2024 04:37:23 DEBUG: Generating Admin certificates.
05/01/2024 04:37:23 DEBUG: Generating Wazuh indexer certificates.
05/01/2024 04:37:23 DEBUG: Creating the Wazuh indexer certificates.
05/01/2024 04:37:23 DEBUG: Generating certificate configuration.
..+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*.......+...+.+.....+.........+...+...+...............+.........+.......+...+......+..+..........+...++++++++++++++++++++++++++++++++
+++++++++++++++++++++++++++++++++*.+.........+...+....+.....................+...............+.....+.......+...+............+..+....+...........+...+.......+......+.....+.........+.........+......+....
+.....+.+...+...+.....+...+..........+..+...+....+...+.........+.....+......+..........+.....+...+....+............+.....+.+...+.....+.........+.......+.....+....+..+.......+.....+.+..+....+...+......
+.....+...................+...+..+...............+............+.........+....+..+.+...+.........+............+...+..+....+..............+.....................+......+......+............+......+.+.....
+.+.....+..........+..................+.....+.......+...+.........+.....+.+.....+......+...+.......+...+...+..+.......+.....................+..+.+..+.......+..................+.........+...+..++++++++
+++++++++++++++++++++++++++++++++++++++++++++++++++++++++
......+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*...........+.....+.+..+......+....+...+..+..........+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*..+.+...+.
.+......+...+...............+......+.+.....+.......+.....+..........+.....+.+.........+..+....+............+........+.......+..+......+.+...+...+...............+..+............+...+.......+...........
...+.+........+......+.+......+.....+............+...+...+....+......+.....+....+.................+...+.+..............+......+.+...+..+...+......+.+.....+.+............+...........+......+....+.....+
......+...+.......+...+..+......+.......+...+..+...+.......+............+.....+.........+.+......+..+......+....+...+.................+...+....+.....+..........+...+...........+....+..+...+......+.+..
......+.+..+......................+...+...+..+.........+...+.......+.........+..+...+.+.........+.....+....+.................+......+....+......+.....+.........+.........+......+....+...........+.....
.+...+.+........+..........+...+........+.+......+..+......+....+...............+..+......+............+.+....................+..........+..+....+.....+.+..+.+......+.....+......+..........+........+.
+...+...+...............+.........+...+.....+.+.........+......+..+...+.+......+..+.+.....+......+....+..............+...+....+.........+..+.......+...+.....+....+........+.+.........+...+.....+...+..
.....+.................+...+...+....+...+..+......+....+........+.......+..+.............+......+............+..+.+..+.........+..........+.....+.+..+.+..+....+.....+...+......+..........+..+.........
+......+.......+.....+.+......+...+......+.....+....+...+.........+......+..+.+.........+...+........+...............+.......+..+...+.........+.........+.+...+......+....................+.............
..+.+...+........+....+.....+................+.....+.........+...+...+............+.............+..+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
-----
05/01/2024 04:37:24 DEBUG: Generating Filebeat certificates.
05/01/2024 04:37:24 DEBUG: Creating the Wazuh server certificates.
05/01/2024 04:37:24 DEBUG: Generating certificate configuration.
...+......+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*....+...+.+.....+...............+....+..+............+.+..............+.+.........+...+........+++++++++++++++++++++++++++++
++++++++++++++++++++++++++++++++++++*....+.....+......+...+......+....+......+.........+..+.......+......+..+....+.....+..........+......+..+...............+...+.........+.........+......+......+....+
.....+...+.+..............+............+...+.......+......+............+..+.+..+...+...+..........+...........+.+.....+....+........+.......+...+...+..+......+..........+.....+............+.......+..+
.............+..+.+............+.....+.+......+........+.+......+......+.....+...+................+.....+...............+.........+..........+..+...+....+..+....+.........+..+....+.....+.+...+...+...+
.........+.....+.+............+...+.................+....+......+........+............+............+.+.....+.+...+........+..........+........+.+.....+...+..........+...+........+....+......+..+......
.+...+...+......+...........+.............+..+.......+...+...+......+.....+......+...+.+...+..+...+.............+.................+...+.......++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+++++++
.+.........+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*.+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*...+....+...+........+.......+......+..+....+...........
...+.......+..+..........+........+....+..................+..+......+.........+.........+.+...+.....+...+...+......+.+..+.......+......+.....+....+...+..+..........+.....+....+.....+....+..+.+........
................+.........+..+....+.....+.........+..........+.....+.......+.........+...+........+...+......+...+.+.........+.....+.......+........+.+......+...+...+..+.+...........+.........+.+...+.
..+.....+...+.......+...+.....+......+..................+......+....+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
-----
05/01/2024 04:37:25 DEBUG: Generating Wazuh dashboard certificates.
05/01/2024 04:37:25 DEBUG: Creating the Wazuh dashboard certificates.
05/01/2024 04:37:25 DEBUG: Generating certificate configuration.
.+...+..+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*.+.....+......+...+............+.+............+........+....+...+......+..+...+.......+.........+...+..+...................+..
...+......+.+...+...........+....+..+....+.....+...+......+..........+.....+.........+.+...........+...+...+....+...+...........+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*......
..+...............+.......+..+.......+........+.......+......+.....+.......+...+.........+........+...+....+......+.....+.......+..+.........+....+........+....+.........+......+.........+++++++++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++
....+.....+....+.....+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*.........+...........+....+...+..+...+............+.+..+............+.+............++++++++++++++++++++++++++++++
+++++++++++++++++++++++++++++++++++*...+.......+.....+...+...+......+.+...+..+.........+......+.........+...+.............+............+...+........++++++++++++++++++++++++++++++++++++++++++++++++++++
+++++++++++++
-----
05/01/2024 04:37:25 DEBUG: Cleaning certificate files.
05/01/2024 04:37:25 DEBUG: Generating password file.
05/01/2024 04:37:25 DEBUG: Generating random passwords.
05/01/2024 04:37:26 INFO: Created wazuh-install-files.tar. It contains the Wazuh cluster key, certificates, and passwords necessary for installation.
05/01/2024 04:37:26 DEBUG: Extracting Wazuh configuration.
05/01/2024 04:37:26 DEBUG: Reading configuration file.
05/01/2024 04:37:26 INFO: --- Wazuh indexer ---
05/01/2024 04:37:26 INFO: Starting Wazuh indexer installation.
Updating Subscription Management repositories.
Unable to read consumer identity
This system is not registered with an entitlement server. You can use subscription-manager to register.
Red Hat Enterprise Linux 9 for x86_64 - AppStre 76 MB/s | 28 MB 00:00
Red Hat Enterprise Linux 9 for x86_64 - BaseOS 56 MB/s | 16 MB 00:00
Red Hat Enterprise Linux 9 Client Configuration 35 kB/s | 3.8 kB 00:00
EL-9 - Wazuh 12 MB/s | 14 MB 00:01
Dependencies resolved.
================================================================================
Package Architecture Version Repository Size
================================================================================
Installing:
wazuh-indexer x86_64 4.8.0-40800 wazuh 743 M
Transaction Summary
================================================================================
Install 1 Package
Total download size: 743 M
Installed size: 1.0 G
Downloading Packages:
wazuh-indexer-4.8.0-40800.x86_64.rpm 29 MB/s | 743 MB 00:25
--------------------------------------------------------------------------------
Total 29 MB/s | 743 MB 00:25
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Running scriptlet: wazuh-indexer-4.8.0-40800.x86_64 1/1
Installing : wazuh-indexer-4.8.0-40800.x86_64 1/1
Running scriptlet: wazuh-indexer-4.8.0-40800.x86_64 1/1
Created opensearch keystore in /etc/wazuh-indexer/opensearch.keystore
Verifying : wazuh-indexer-4.8.0-40800.x86_64 1/1
Installed products updated.
Installed:
wazuh-indexer-4.8.0-40800.x86_64
Complete!
05/01/2024 04:39:33 DEBUG: Checking Wazuh installation.
05/01/2024 04:39:35 DEBUG: There are Wazuh indexer remaining files.
05/01/2024 04:39:37 INFO: Wazuh indexer installation finished.
05/01/2024 04:39:37 DEBUG: Configuring Wazuh indexer.
05/01/2024 04:39:37 DEBUG: Copying Wazuh indexer certificates.
05/01/2024 04:39:37 INFO: Wazuh indexer post-install configuration finished.
05/01/2024 04:39:37 INFO: Starting service wazuh-indexer.
Created symlink /etc/systemd/system/multi-user.target.wants/wazuh-indexer.service ��� /usr/lib/systemd/system/wazuh-indexer.service.
05/01/2024 04:39:59 INFO: wazuh-indexer service started.
05/01/2024 04:39:59 INFO: Initializing Wazuh indexer cluster security settings.
**************************************************************************
** This tool will be deprecated in the next major release of OpenSearch **
** https://github.com/opensearch-project/security/issues/1755 **
**************************************************************************
Security Admin v7
Will connect to 127.0.0.1:9200 ... done
Connected as "CN=admin,OU=Wazuh,O=Wazuh,L=California,C=US"
OpenSearch Version: 2.10.0
Contacting opensearch cluster 'opensearch' and wait for YELLOW clusterstate ...
Clustername: wazuh-cluster
Clusterstate: GREEN
Number of nodes: 1
Number of data nodes: 1
.opendistro_security index does not exists, attempt to create it ... done (0-all replicas)
Populate config from /etc/wazuh-indexer/opensearch-security/
Will update '/config' with /etc/wazuh-indexer/opensearch-security/config.yml
SUCC: Configuration for 'config' created or updated
Will update '/roles' with /etc/wazuh-indexer/opensearch-security/roles.yml
SUCC: Configuration for 'roles' created or updated
Will update '/rolesmapping' with /etc/wazuh-indexer/opensearch-security/roles_mapping.yml
SUCC: Configuration for 'rolesmapping' created or updated
Will update '/internalusers' with /etc/wazuh-indexer/opensearch-security/internal_users.yml
SUCC: Configuration for 'internalusers' created or updated
Will update '/actiongroups' with /etc/wazuh-indexer/opensearch-security/action_groups.yml
SUCC: Configuration for 'actiongroups' created or updated
Will update '/tenants' with /etc/wazuh-indexer/opensearch-security/tenants.yml
SUCC: Configuration for 'tenants' created or updated
Will update '/nodesdn' with /etc/wazuh-indexer/opensearch-security/nodes_dn.yml
SUCC: Configuration for 'nodesdn' created or updated
Will update '/whitelist' with /etc/wazuh-indexer/opensearch-security/whitelist.yml
SUCC: Configuration for 'whitelist' created or updated
Will update '/audit' with /etc/wazuh-indexer/opensearch-security/audit.yml
SUCC: Configuration for 'audit' created or updated
Will update '/allowlist' with /etc/wazuh-indexer/opensearch-security/allowlist.yml
SUCC: Configuration for 'allowlist' created or updated
SUCC: Expected 10 config types for node {"updated_config_types":["allowlist","tenants","rolesmapping","nodesdn","audit","roles","whitelist","internalusers","actiongroups","config"],"updated_config_siz
e":10,"message":null} is 10 (["allowlist","tenants","rolesmapping","nodesdn","audit","roles","whitelist","internalusers","actiongroups","config"]) due to: null
Done with success
wazuh-alerts template uploaded
wazuh-archives template uploaded
rollover_policy policy uploaded
wazuh-alerts write index created
wazuh-archives write index created
Indexer ISM initialization finished successfully
05/01/2024 04:40:12 INFO: The Wazuh indexer cluster ISM initialized.
05/01/2024 04:40:12 INFO: Wazuh indexer cluster initialized.
05/01/2024 04:40:12 INFO: --- Wazuh server ---
05/01/2024 04:40:12 INFO: Starting the Wazuh manager installation.
Updating Subscription Management repositories.
Unable to read consumer identity
This system is not registered with an entitlement server. You can use subscription-manager to register.
Last metadata expiration check: 0:02:32 ago on Fri 05 Jan 2024 04:37:41 AM UTC.
Dependencies resolved.
================================================================================
Package Architecture Version Repository Size
================================================================================
Installing:
wazuh-manager x86_64 4.8.0-40800 wazuh 165 M
Transaction Summary
================================================================================
Install 1 Package
Total download size: 165 M
Installed size: 602 M
Downloading Packages:
wazuh-manager-4.8.0-40800.x86_64.rpm 118 MB/s | 165 MB 00:01
--------------------------------------------------------------------------------
Total 117 MB/s | 165 MB 00:01
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Running scriptlet: wazuh-manager-4.8.0-40800.x86_64 1/1
Installing : wazuh-manager-4.8.0-40800.x86_64 1/1
Running scriptlet: wazuh-manager-4.8.0-40800.x86_64 1/1uavc: op=load_policy lsm=selinux seqno=3 res=1
Verifying : wazuh-manager-4.8.0-40800.x86_64 1/1
Installed products updated.
Installed:
wazuh-manager-4.8.0-40800.x86_64
Complete!
05/01/2024 04:41:04 DEBUG: Checking Wazuh installation.
05/01/2024 04:41:05 DEBUG: There are Wazuh remaining files.
05/01/2024 04:41:06 DEBUG: There are Wazuh indexer remaining files.
05/01/2024 04:41:07 INFO: Wazuh manager installation finished.
05/01/2024 04:41:07 INFO: Starting service wazuh-manager.
Created symlink /etc/systemd/system/multi-user.target.wants/wazuh-manager.service ��� /usr/lib/systemd/system/wazuh-manager.service.
05/01/2024 04:41:26 INFO: wazuh-manager service started.
05/01/2024 04:41:26 INFO: Starting Filebeat installation.
Installed:
filebeat-7.10.2-1.x86_64
05/01/2024 04:41:31 DEBUG: Checking Wazuh installation.
05/01/2024 04:41:32 DEBUG: There are Wazuh remaining files.
05/01/2024 04:41:33 DEBUG: There are Wazuh indexer remaining files.
05/01/2024 04:41:34 DEBUG: There are Filebeat remaining files.
05/01/2024 04:41:35 INFO: Filebeat installation finished.
05/01/2024 04:41:35 DEBUG: Configuring Filebeat.
05/01/2024 04:41:35 DEBUG: Filebeat template was download successfully.
wazuh/
wazuh/archives/
wazuh/archives/ingest/
wazuh/archives/ingest/pipeline.json
wazuh/archives/config/
wazuh/archives/config/archives.yml
wazuh/archives/manifest.yml
wazuh/_meta/
wazuh/_meta/config.yml
wazuh/_meta/docs.asciidoc
wazuh/_meta/fields.yml
wazuh/alerts/
wazuh/alerts/ingest/
wazuh/alerts/ingest/pipeline.json
wazuh/alerts/config/
wazuh/alerts/config/alerts.yml
wazuh/alerts/manifest.yml
wazuh/module.yml
05/01/2024 04:41:35 DEBUG: Filebeat module was downloaded successfully.
05/01/2024 04:41:35 DEBUG: Copying Filebeat certificates.
Created filebeat keystore
Successfully updated the keystore
Successfully updated the keystore
05/01/2024 04:41:36 INFO: Filebeat post-install configuration finished.
05/01/2024 04:41:36 INFO: Starting service filebeat.
Synchronizing state of filebeat.service with SysV service script with /usr/lib/systemd/systemd-sysv-install.
Executing: /usr/lib/systemd/systemd-sysv-install enable filebeat
Created symlink /etc/systemd/system/multi-user.target.wants/filebeat.service ��� /usr/lib/systemd/system/filebeat.service.
05/01/2024 04:41:36 INFO: filebeat service started.
05/01/2024 04:41:36 INFO: --- Wazuh dashboard ---
05/01/2024 04:41:36 INFO: Starting Wazuh dashboard installation.
Updating Subscription Management repositories.
Unable to read consumer identity
This system is not registered with an entitlement server. You can use subscription-manager to register.
Last metadata expiration check: 0:03:56 ago on Fri 05 Jan 2024 04:37:41 AM UTC.
Dependencies resolved.
================================================================================
Package Architecture Version Repository Size
================================================================================
Installing:
wazuh-dashboard x86_64 4.8.0-40800 wazuh 269 M
Transaction Summary
================================================================================
Install 1 Package
Total download size: 269 M
Installed size: 890 M
Downloading Packages:
wazuh-dashboard-4.8.0-40800.x86_64.rpm 97 MB/s | 269 MB 00:02
--------------------------------------------------------------------------------
Total 97 MB/s | 269 MB 00:02
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
Preparing : 1/1
Running scriptlet: wazuh-dashboard-4.8.0-40800.x86_64 1/1
Installing : wazuh-dashboard-4.8.0-40800.x86_64 1/1
Running scriptlet: wazuh-dashboard-4.8.0-40800.x86_64 1/1
Verifying : wazuh-dashboard-4.8.0-40800.x86_64 1/1
Installed products updated.
Installed:
wazuh-dashboard-4.8.0-40800.x86_64
Complete!
05/01/2024 04:43:28 DEBUG: Checking Wazuh installation.
05/01/2024 04:43:29 DEBUG: There are Wazuh remaining files.
05/01/2024 04:43:30 DEBUG: There are Wazuh indexer remaining files.
05/01/2024 04:43:31 DEBUG: There are Filebeat remaining files.
05/01/2024 04:43:32 DEBUG: There are Wazuh dashboard remaining files.
05/01/2024 04:43:32 INFO: Wazuh dashboard installation finished.
05/01/2024 04:43:32 DEBUG: Configuring Wazuh dashboard.
05/01/2024 04:43:32 DEBUG: Copying Wazuh dashboard certificates.
05/01/2024 04:43:32 DEBUG: Wazuh dashboard certificate setup finished.
05/01/2024 04:43:32 INFO: Wazuh dashboard post-install configuration finished.
05/01/2024 04:43:32 INFO: Starting service wazuh-dashboard.
Created symlink /etc/systemd/system/multi-user.target.wants/wazuh-dashboard.service ��� /etc/systemd/system/wazuh-dashboard.service.
05/01/2024 04:43:33 INFO: wazuh-dashboard service started.
05/01/2024 04:43:33 DEBUG: Setting Wazuh indexer cluster passwords.
05/01/2024 04:43:33 DEBUG: Checking Wazuh installation.
05/01/2024 04:43:34 DEBUG: There are Wazuh remaining files.
05/01/2024 04:43:35 DEBUG: There are Wazuh indexer remaining files.
05/01/2024 04:43:36 DEBUG: There are Filebeat remaining files.
05/01/2024 04:43:38 DEBUG: There are Wazuh dashboard remaining files.
05/01/2024 04:43:38 INFO: Updating the internal users.
05/01/2024 04:43:38 DEBUG: Creating password backup.
**************************************************************************
** This tool will be deprecated in the next major release of OpenSearch **
** https://github.com/opensearch-project/security/issues/1755 **
**************************************************************************
Security Admin v7
Will connect to localhost:9200 ... done
Connected as "CN=admin,OU=Wazuh,O=Wazuh,L=California,C=US"
OpenSearch Version: 2.10.0
Contacting opensearch cluster 'opensearch' and wait for YELLOW clusterstate ...
Clustername: wazuh-cluster
Clusterstate: YELLOW
Number of nodes: 1
Number of data nodes: 1
.opendistro_security index already exists, so we do not need to create one.
Will retrieve '/config' into /etc/wazuh-indexer/backup/config.yml
SUCC: Configuration for 'config' stored in /etc/wazuh-indexer/backup/config.yml
Will retrieve '/roles' into /etc/wazuh-indexer/backup/roles.yml
SUCC: Configuration for 'roles' stored in /etc/wazuh-indexer/backup/roles.yml
Will retrieve '/rolesmapping' into /etc/wazuh-indexer/backup/roles_mapping.yml
SUCC: Configuration for 'rolesmapping' stored in /etc/wazuh-indexer/backup/roles_mapping.yml
Will retrieve '/internalusers' into /etc/wazuh-indexer/backup/internal_users.yml
SUCC: Configuration for 'internalusers' stored in /etc/wazuh-indexer/backup/internal_users.yml
Will retrieve '/actiongroups' into /etc/wazuh-indexer/backup/action_groups.yml
SUCC: Configuration for 'actiongroups' stored in /etc/wazuh-indexer/backup/action_groups.yml
Will retrieve '/tenants' into /etc/wazuh-indexer/backup/tenants.yml
SUCC: Configuration for 'tenants' stored in /etc/wazuh-indexer/backup/tenants.yml
Will retrieve '/nodesdn' into /etc/wazuh-indexer/backup/nodes_dn.yml
SUCC: Configuration for 'nodesdn' stored in /etc/wazuh-indexer/backup/nodes_dn.yml
Will retrieve '/whitelist' into /etc/wazuh-indexer/backup/whitelist.yml
SUCC: Configuration for 'whitelist' stored in /etc/wazuh-indexer/backup/whitelist.yml
Will retrieve '/allowlist' into /etc/wazuh-indexer/backup/allowlist.yml
SUCC: Configuration for 'allowlist' stored in /etc/wazuh-indexer/backup/allowlist.yml
Will retrieve '/audit' into /etc/wazuh-indexer/backup/audit.yml
SUCC: Configuration for 'audit' stored in /etc/wazuh-indexer/backup/audit.yml
05/01/2024 04:43:46 DEBUG: Password backup created in /etc/wazuh-indexer/backup.
05/01/2024 04:43:46 INFO: A backup of the internal users has been saved in the /etc/wazuh-indexer/internalusers-backup folder.
05/01/2024 04:43:46 DEBUG: The internal users have been updated before changing the passwords.
05/01/2024 04:43:47 DEBUG: Generating password hashes.
05/01/2024 04:43:54 DEBUG: Password hashes generated.
05/01/2024 04:43:54 DEBUG: Creating password backup.
**************************************************************************
** This tool will be deprecated in the next major release of OpenSearch **
** https://github.com/opensearch-project/security/issues/1755 **
**************************************************************************
Security Admin v7
Will connect to localhost:9200 ... done
Connected as "CN=admin,OU=Wazuh,O=Wazuh,L=California,C=US"
OpenSearch Version: 2.10.0
Contacting opensearch cluster 'opensearch' and wait for YELLOW clusterstate ...
Clustername: wazuh-cluster
Clusterstate: YELLOW
Number of nodes: 1
Number of data nodes: 1
.opendistro_security index already exists, so we do not need to create one.
Will retrieve '/config' into /etc/wazuh-indexer/backup/config.yml
SUCC: Configuration for 'config' stored in /etc/wazuh-indexer/backup/config.yml
Will retrieve '/roles' into /etc/wazuh-indexer/backup/roles.yml
SUCC: Configuration for 'roles' stored in /etc/wazuh-indexer/backup/roles.yml
Will retrieve '/rolesmapping' into /etc/wazuh-indexer/backup/roles_mapping.yml
SUCC: Configuration for 'rolesmapping' stored in /etc/wazuh-indexer/backup/roles_mapping.yml
Will retrieve '/internalusers' into /etc/wazuh-indexer/backup/internal_users.yml
SUCC: Configuration for 'internalusers' stored in /etc/wazuh-indexer/backup/internal_users.yml
Will retrieve '/actiongroups' into /etc/wazuh-indexer/backup/action_groups.yml
SUCC: Configuration for 'actiongroups' stored in /etc/wazuh-indexer/backup/action_groups.yml
Will retrieve '/tenants' into /etc/wazuh-indexer/backup/tenants.yml
SUCC: Configuration for 'tenants' stored in /etc/wazuh-indexer/backup/tenants.yml
Will retrieve '/nodesdn' into /etc/wazuh-indexer/backup/nodes_dn.yml
SUCC: Configuration for 'nodesdn' stored in /etc/wazuh-indexer/backup/nodes_dn.yml
Will retrieve '/whitelist' into /etc/wazuh-indexer/backup/whitelist.yml
SUCC: Configuration for 'whitelist' stored in /etc/wazuh-indexer/backup/whitelist.yml
Will retrieve '/allowlist' into /etc/wazuh-indexer/backup/allowlist.yml
SUCC: Configuration for 'allowlist' stored in /etc/wazuh-indexer/backup/allowlist.yml
Will retrieve '/audit' into /etc/wazuh-indexer/backup/audit.yml
SUCC: Configuration for 'audit' stored in /etc/wazuh-indexer/backup/audit.yml
05/01/2024 04:43:58 DEBUG: Password backup created in /etc/wazuh-indexer/backup.
Successfully updated the keystore
05/01/2024 04:43:58 DEBUG: Restarting filebeat service...
05/01/2024 04:43:58 DEBUG: filebeat started.
05/01/2024 04:44:00 DEBUG: Restarting wazuh-dashboard service...
05/01/2024 04:44:00 DEBUG: wazuh-dashboard started.
05/01/2024 04:44:00 DEBUG: Running security admin tool.
05/01/2024 04:44:00 DEBUG: Loading new passwords changes.
**************************************************************************
** This tool will be deprecated in the next major release of OpenSearch **
** https://github.com/opensearch-project/security/issues/1755 **
**************************************************************************
Security Admin v7
Will connect to localhost:9200 ... done
Connected as "CN=admin,OU=Wazuh,O=Wazuh,L=California,C=US"
OpenSearch Version: 2.10.0
Contacting opensearch cluster 'opensearch' and wait for YELLOW clusterstate ...
Clustername: wazuh-cluster
Clusterstate: YELLOW
Number of nodes: 1
Number of data nodes: 1
.opendistro_security index already exists, so we do not need to create one.
Populate config from /tmp/unattended/unattended_installer
Force type: internalusers
Will update '/internalusers' with /etc/wazuh-indexer/backup/internal_users.yml
SUCC: Configuration for 'internalusers' created or updated
SUCC: Expected 1 config types for node {"updated_config_types":["internalusers"],"updated_config_size":1,"message":null} is 1 (["internalusers"]) due to: null
Done with success
05/01/2024 04:44:07 DEBUG: Passwords changed.
05/01/2024 04:44:08 DEBUG: Changing API passwords.
05/01/2024 04:45:12 INFO: Initializing Wazuh dashboard web application.
05/01/2024 04:45:13 INFO: Wazuh dashboard web application initialized.
05/01/2024 04:45:13 INFO: --- Summary ---
05/01/2024 04:45:13 INFO: You can access the web interface https://<wazuh-dashboard-ip>:443
User: admin
Password: prGm5oJ8uTleZBDScsnHfeIc5+jQwnW?
05/01/2024 04:45:13 INFO: --- Dependencies ---
05/01/2024 04:45:13 INFO: Removing lsof.
Updating Subscription Management repositories. Unable to read consumer identity This system is not registered with an entitlement server. You can use subscription-manager to register. Dependencies res
olved. ================================================================================ Package Architecture Version Repository Size ===================================================================
============= Removing: lsof x86_64 4.94.0-3.el9 @baseos 624 k Removing unused dependencies: libtirpc x86_64 1.3.3-2.el9 @baseos 202 k Transaction Summary =============================================
=================================== Remove 2 Packages Freed space: 826 k Running transaction check Transaction check succeeded. Running transaction test Transaction test succeeded. Running transaction
Preparing : 1/1 Erasing : lsof-4.94.0-3.el9.x86_64 1/2 Erasing : libtirpc-1.3.3-2.el9.x86_64 2/2 Running scriptlet: libtirpc-1.3.3-2.el9.x86_64 2/2 Verifying : libtirpc-1.3.3-2.el9.x86_64 1/2 Verifyi
ng : lsof-4.94.0-3.el9.x86_64 2/2 Installed products updated. Removed: libtirpc-1.3.3-2.el9.x86_64 lsof-4.94.0-3.el9.x86_64 Complete!
05/01/2024 04:45:15 DEBUG: Restoring Wazuh repository.
05/01/2024 04:45:15 INFO: Installation finished.
Loading