Merge 4.7.2 into 4.8.0 #2741
Merged
Merge 4.7.2 into 4.8.0 #2741
Wazuh CI / All In One - Ubuntu jammy installation
succeeded
Jan 5, 2024 in 8m 7s
Test_unattended
Below you have the stage output
Details
Ubuntu jammy log
--------------------------------
05/01/2024 04:38:03 DEBUG: Checking root permissions.
05/01/2024 04:38:03 INFO: Starting Wazuh installation assistant. Wazuh version: 4.8.0
05/01/2024 04:38:03 INFO: Verbose logging redirected to /var/log/wazuh-install.log
05/01/2024 04:38:03 DEBUG: APT package manager will be used.
05/01/2024 04:38:03 DEBUG: Checking system distribution.
05/01/2024 04:38:03 DEBUG: Detected distribution name: ubuntu
05/01/2024 04:38:03 DEBUG: Detected distribution version: 22
05/01/2024 04:38:03 DEBUG: Checking Wazuh installation.
05/01/2024 04:38:04 DEBUG: Installing check dependencies.
Hit:1 http://us-east-1.ec2.archive.ubuntu.com/ubuntu jammy InRelease
Hit:2 http://us-east-1.ec2.archive.ubuntu.com/ubuntu jammy-updates InRelease
Hit:3 http://us-east-1.ec2.archive.ubuntu.com/ubuntu jammy-backports InRelease
Get:4 http://security.ubuntu.com/ubuntu jammy-security InRelease [110 kB]
Hit:5 http://ppa.launchpad.net/deadsnakes/ppa/ubuntu jammy InRelease
Traceback (most recent call last):
File "/usr/lib/cnf-update-db", line 3, in <module>
import apt_pkg
ModuleNotFoundError: No module named 'apt_pkg'
Fetched 110 kB in 1s (193 kB/s)
Reading package lists...
W: http://ppa.launchpad.net/deadsnakes/ppa/ubuntu/dists/jammy/InRelease: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for details.
E: Problem executing scripts APT::Update::Post-Invoke-Success 'if /usr/bin/test -w /var/lib/command-not-found/ -a -e /usr/lib/cnf-update-db; then /usr/lib/cnf-update-db > /dev/null; fi'
E: Sub-process returned an error code
05/01/2024 04:38:11 DEBUG: Checking system architecture.
05/01/2024 04:38:11 INFO: Verifying that your system meets the recommended minimum hardware requirements.
05/01/2024 04:38:11 DEBUG: CPU cores detected: 2
05/01/2024 04:38:11 DEBUG: Free RAM memory detected: 7871
05/01/2024 04:38:11 INFO: Wazuh web interface port will be 443.
05/01/2024 04:38:11 DEBUG: Checking ports availability.
05/01/2024 04:38:12 DEBUG: Installing prerequisites dependencies.
Hit:1 http://us-east-1.ec2.archive.ubuntu.com/ubuntu jammy InRelease
Hit:2 http://us-east-1.ec2.archive.ubuntu.com/ubuntu jammy-updates InRelease
Hit:3 http://us-east-1.ec2.archive.ubuntu.com/ubuntu jammy-backports InRelease
Hit:4 http://security.ubuntu.com/ubuntu jammy-security InRelease
Hit:5 http://ppa.launchpad.net/deadsnakes/ppa/ubuntu jammy InRelease
Traceback (most recent call last):
File "/usr/lib/cnf-update-db", line 3, in <module>
import apt_pkg
ModuleNotFoundError: No module named 'apt_pkg'
Reading package lists...
W: http://ppa.launchpad.net/deadsnakes/ppa/ubuntu/dists/jammy/InRelease: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for details.
E: Problem executing scripts APT::Update::Post-Invoke-Success 'if /usr/bin/test -w /var/lib/command-not-found/ -a -e /usr/lib/cnf-update-db; then /usr/lib/cnf-update-db > /dev/null; fi'
E: Sub-process returned an error code
05/01/2024 04:38:16 INFO: --- Dependencies ----
05/01/2024 04:38:16 INFO: Installing apt-transport-https.
Reading package lists... Building dependency tree... Reading state information... The following NEW packages will be installed: apt-transport-https 0 upgraded, 1 newly installed, 0 to remove and 225 n
ot upgraded. Need to get 1,510 B of archives. After this operation, 170 kB of additional disk space will be used. Get:1 http://us-east-1.ec2.archive.ubuntu.com/ubuntu jammy-updates/universe amd64 apt-
transport-https all 2.4.11 [1,510 B] Fetched 1,510 B in 0s (105 kB/s) Selecting previously unselected package apt-transport-https.
(Reading database ...
(Reading database ... 5%
(Reading database ... 10%
(Reading database ... 15%
(Reading database ... 20%
(Reading database ... 25%
(Reading database ... 30%
(Reading database ... 35%
(Reading database ... 40%
(Reading database ... 45%
(Reading database ... 50%
(Reading database ... 55%
(Reading database ... 60%
(Reading database ... 65%
(Reading database ... 70%
(Reading database ... 75%
(Reading database ... 80%
(Reading database ... 85%
(Reading database ... 90%
(Reading database ... 95%
(Reading database ... 100%
(Reading database ... 64436 files and directories currently installed.)
Preparing to unpack .../apt-transport-https_2.4.11_all.deb ...
Unpacking apt-transport-https (2.4.11) ...
Setting up apt-transport-https (2.4.11) ...
NEEDRESTART-VER: 3.5 NEEDRESTART-KCUR: 5.15.0-1004-aws NEEDRESTART-KEXP: 5.15.0-1004-aws NEEDRESTART-KSTA: 1
05/01/2024 04:38:18 DEBUG: Checking curl tool version.
05/01/2024 04:38:18 DEBUG: Adding the Wazuh repository.
gpg: keyring '/usr/share/keyrings/wazuh.gpg' created
gpg: directory '/root/.gnupg' created
gpg: /root/.gnupg/trustdb.gpg: trustdb created
gpg: key 96B3EE5F29111145: public key "Wazuh.com (Wazuh Signing Key) <[email protected]>" imported
gpg: Total number processed: 1
gpg: imported: 1
deb [signed-by=/usr/share/keyrings/wazuh.gpg] https://packages-dev.wazuh.com/staging/apt/ unstable main
Hit:1 http://us-east-1.ec2.archive.ubuntu.com/ubuntu jammy InRelease
Hit:2 http://us-east-1.ec2.archive.ubuntu.com/ubuntu jammy-updates InRelease
Hit:3 http://us-east-1.ec2.archive.ubuntu.com/ubuntu jammy-backports InRelease
Hit:4 http://security.ubuntu.com/ubuntu jammy-security InRelease
Hit:5 http://ppa.launchpad.net/deadsnakes/ppa/ubuntu jammy InRelease
Get:6 https://packages-dev.wazuh.com/staging/apt unstable InRelease [17.3 kB]
Get:7 https://packages-dev.wazuh.com/staging/apt unstable/main amd64 Packages [36.7 kB]
Traceback (most recent call last):
File "/usr/lib/cnf-update-db", line 3, in <module>
import apt_pkg
ModuleNotFoundError: No module named 'apt_pkg'
Fetched 53.9 kB in 1s (80.0 kB/s)
Reading package lists...
W: http://ppa.launchpad.net/deadsnakes/ppa/ubuntu/dists/jammy/InRelease: Key is stored in legacy trusted.gpg keyring (/etc/apt/trusted.gpg), see the DEPRECATION section in apt-key(8) for details.
E: Problem executing scripts APT::Update::Post-Invoke-Success 'if /usr/bin/test -w /var/lib/command-not-found/ -a -e /usr/lib/cnf-update-db; then /usr/lib/cnf-update-db > /dev/null; fi'
E: Sub-process returned an error code
05/01/2024 04:38:21 INFO: Wazuh development repository added.
05/01/2024 04:38:21 INFO: --- Configuration files ---
05/01/2024 04:38:21 INFO: Generating configuration files.
05/01/2024 04:38:21 DEBUG: Creating Wazuh certificates.
05/01/2024 04:38:21 DEBUG: Reading configuration file.
05/01/2024 04:38:21 DEBUG: Creating the root certificate.
..+..+......+....+...+........+....+............+...+..+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*...........+...+....................+++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++*..+..............+.+......+...+...+............+..+...+.+............+........+.........+...+...+..........+..+.......+.................+...+.......+......+..+.+.....+......+...
+......+.+...........+..........+..+......+............+...+....+...+..+.+..+.............+.....+....+...+...+.....+.+.....+.+..............+....+.........+.....+...+.......+...+...+.....+....+...+..+
...+....+.........+.....+....+...+..+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
.+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*..........+....+...+...+..+.......+......+.....+......+.+.....+...+.+......+.....+.......+..+++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++++++++*..+..+...+....+.....+...+.+...........+.+.....+.........+...+......+.+......+........+......+...+..........+......+......+...........+....+.........+.....+.+.........+........
.+..+.........+.+.....+.........+.........+.+.........+..+...+...+.............+......+.....+.+.........+.....+.+............+.....+...+...+......+.+........+....+..+...................+.....+........
.+.......+...+..+.+........+......+...+.+.........+........+...+....+..+..................+.......+...............+...+.....+...+.........+...+......+.......+...+..+...............+.......+...........
......+.+...+..+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
-----
05/01/2024 04:38:21 DEBUG: Generating Admin certificates.
Certificate request self-signature ok
subject=C = US, L = California, O = Wazuh, OU = Wazuh, CN = admin
05/01/2024 04:38:21 DEBUG: Generating Wazuh indexer certificates.
05/01/2024 04:38:21 DEBUG: Creating the Wazuh indexer certificates.
05/01/2024 04:38:22 DEBUG: Generating certificate configuration.
...+.........+.....+......+.+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*.+.....+.+..+...+....+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*.......+...+.......
............+...+...+...+...........+...+.............+...+......+......+..+.......+.....+.+.....+...+..........+...............+.....+.+...+.....+...........................+....+......+...+.....+...
.........+.+.....+...+......+.+..+...+.......+.....+......+.......+..+.......+......+.............................+...+......+.+...+....................+...+.......+..+...+...+....+...+.....+.+..+....
...+.....+......+......+.............+........+...+....+...+............+...+..............+....+.........+...+..+.+......+........+.......+......+..+...+++++++++++++++++++++++++++++++++++++++++++++++
++++++++++++++++++
.....+.+......+...+..+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*...+.....+......+.........+.+..+...+....+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*..+....
.....+..+....+......+........+.+..+...+.........+.............+..+.+..+....+.....+...+......+.+...+..................+.........+...+....................+............+.+.........+......+.....+.........
.+.........+.....+.........+............+...............+...+.+...+...........+....+..+.+..............+.+..+.......+......+.....+...+.+.........+..+..........+...+..+.........................+.......
..+.....+.+..+......+.+.....+....+......+..............+......+....+..+...+......+...+.+..+....+...+........+...+....+......+......+...+..+...............+......+.......+........+.......+...+.........
.....+......+....+.....+...+.+..+............+.......+...+.................+....+.....+.........+...+...+.......+............+..+.+..+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
-----
Certificate request self-signature ok
subject=C = US, L = California, O = Wazuh, OU = Wazuh, CN = wazuh-indexer
05/01/2024 04:38:22 DEBUG: Generating Filebeat certificates.
05/01/2024 04:38:22 DEBUG: Creating the Wazuh server certificates.
05/01/2024 04:38:22 DEBUG: Generating certificate configuration.
..........+.....+....+..+...+.+..+.........+...+...+...+.+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*.........+..+.........+.+..+.+..+....+........+.+..+.............+..+...+.+..
.+..+...+.......+......+.........+...+.....+.......+.....+.+.....+.......+..+....+...........+...+......+....+...+..+......+....+.....+......+.+......+.........+...........+...+.+.....+....+..+...+...
......+...+....+...+..+...+...+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*.+....+.....+.+...+............+..+..................+.........+.+.....+.............+......+...........
...+.......+..+......+....+...+..+.+..............+...+...................+...+..+.........+..........+..+............+...+............+.+..+.........+..........+......+.........+......+..+...........
.+.+...+.........+..+..........+........+.+............+...+..+.......+.....+......+......+.+........+....+..+.+............+...+.....+..........+.....+....+.........+............+...+...........+.+..
+......+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
.......+..+.......+..+.........+.........+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*....+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*................+++++++
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
-----
Certificate request self-signature ok
subject=C = US, L = California, O = Wazuh, OU = Wazuh, CN = wazuh-server
05/01/2024 04:38:22 DEBUG: Generating Wazuh dashboard certificates.
05/01/2024 04:38:22 DEBUG: Creating the Wazuh dashboard certificates.
05/01/2024 04:38:22 DEBUG: Generating certificate configuration.
.+..+....+...........+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*...+....+.....+.......+........+.......+..+......+.++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
+++*......+...+..+...+......+...............+.+...+......+..............+............+............+..........+.....+.......+......+............+..+.+...+.....+.+......+...+.....+....+..+...+..........
......+.....+.......+..+...+.........+....+..+....+....................................+..+...+...............+....+..................+...+.....+....+...+.....+...+...+.......+...+++++++++++++++++++++
++++++++++++++++++++++++++++++++++++++++++++
...+.....+...+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++*..+.......+.....+....+..............+.+...+........+.........+...+.+.....++++++++++++++++++++++++++++++++++++++++++++++++
+++++++++++++++++*........................+........+.+..+....+.........+..+...+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
-----
Certificate request self-signature ok
subject=C = US, L = California, O = Wazuh, OU = Wazuh, CN = wazuh-dashboard
05/01/2024 04:38:23 DEBUG: Cleaning certificate files.
05/01/2024 04:38:23 DEBUG: Generating password file.
05/01/2024 04:38:23 DEBUG: Generating random passwords.
05/01/2024 04:38:23 INFO: Created wazuh-install-files.tar. It contains the Wazuh cluster key, certificates, and passwords necessary for installation.
05/01/2024 04:38:23 DEBUG: Extracting Wazuh configuration.
05/01/2024 04:38:23 DEBUG: Reading configuration file.
05/01/2024 04:38:23 INFO: --- Wazuh indexer ---
05/01/2024 04:38:23 INFO: Starting Wazuh indexer installation.
Reading package lists... Building dependency tree... Reading state information... The following NEW packages will be installed: wazuh-indexer 0 upgraded, 1 newly installed, 0 to remove and 225 not upg
raded. Need to get 759 MB of archives. After this operation, 1,050 MB of additional disk space will be used. Get:1 https://packages-dev.wazuh.com/staging/apt unstable/main amd64 wazuh-indexer amd64 4.
8.0-wp2697 [759 MB] Fetched 759 MB in 30s (25.2 MB/s) Selecting previously unselected package wazuh-indexer.
(Reading database ...
(Reading database ... 5%
(Reading database ... 10%
(Reading database ... 15%
(Reading database ... 20%
(Reading database ... 25%
(Reading database ... 30%
(Reading database ... 35%
(Reading database ... 40%
(Reading database ... 45%
(Reading database ... 50%
(Reading database ... 55%
(Reading database ... 60%
(Reading database ... 65%
(Reading database ... 70%
(Reading database ... 75%
(Reading database ... 80%
(Reading database ... 85%
(Reading database ... 90%
(Reading database ... 95%
(Reading database ... 100%
(Reading database ... 64440 files and directories currently installed.)
Preparing to unpack .../wazuh-indexer_4.8.0-wp2697_amd64.deb ...
Creating wazuh-indexer group... OK
Creating wazuh-indexer user... OK
Unpacking wazuh-indexer (4.8.0-wp2697) ...
Setting up wazuh-indexer (4.8.0-wp2697) ...
Created opensearch keystore in /etc/wazuh-indexer/opensearch.keystore
Processing triggers for libc-bin (2.35-0ubuntu3) ...
NEEDRESTART-VER: 3.5 NEEDRESTART-KCUR: 5.15.0-1004-aws NEEDRESTART-KEXP: 5.15.0-1004-aws NEEDRESTART-KSTA: 1
05/01/2024 04:40:36 DEBUG: Checking Wazuh installation.
05/01/2024 04:40:37 DEBUG: There are Wazuh indexer remaining files.
05/01/2024 04:40:38 INFO: Wazuh indexer installation finished.
05/01/2024 04:40:38 DEBUG: Configuring Wazuh indexer.
05/01/2024 04:40:38 DEBUG: Copying Wazuh indexer certificates.
05/01/2024 04:40:38 INFO: Wazuh indexer post-install configuration finished.
05/01/2024 04:40:38 INFO: Starting service wazuh-indexer.
Created symlink /etc/systemd/system/multi-user.target.wants/wazuh-indexer.service ��� /lib/systemd/system/wazuh-indexer.service.
05/01/2024 04:41:01 INFO: wazuh-indexer service started.
05/01/2024 04:41:01 INFO: Initializing Wazuh indexer cluster security settings.
**************************************************************************
** This tool will be deprecated in the next major release of OpenSearch **
** https://github.com/opensearch-project/security/issues/1755 **
**************************************************************************
Security Admin v7
Will connect to 127.0.0.1:9200 ... done
Connected as "CN=admin,OU=Wazuh,O=Wazuh,L=California,C=US"
OpenSearch Version: 2.10.0
Contacting opensearch cluster 'opensearch' and wait for YELLOW clusterstate ...
Clustername: wazuh-cluster
Clusterstate: GREEN
Number of nodes: 1
Number of data nodes: 1
.opendistro_security index does not exists, attempt to create it ... done (0-all replicas)
Populate config from /etc/wazuh-indexer/opensearch-security/
Will update '/config' with /etc/wazuh-indexer/opensearch-security/config.yml
SUCC: Configuration for 'config' created or updated
Will update '/roles' with /etc/wazuh-indexer/opensearch-security/roles.yml
SUCC: Configuration for 'roles' created or updated
Will update '/rolesmapping' with /etc/wazuh-indexer/opensearch-security/roles_mapping.yml
SUCC: Configuration for 'rolesmapping' created or updated
Will update '/internalusers' with /etc/wazuh-indexer/opensearch-security/internal_users.yml
SUCC: Configuration for 'internalusers' created or updated
Will update '/actiongroups' with /etc/wazuh-indexer/opensearch-security/action_groups.yml
SUCC: Configuration for 'actiongroups' created or updated
Will update '/tenants' with /etc/wazuh-indexer/opensearch-security/tenants.yml
SUCC: Configuration for 'tenants' created or updated
Will update '/nodesdn' with /etc/wazuh-indexer/opensearch-security/nodes_dn.yml
SUCC: Configuration for 'nodesdn' created or updated
Will update '/whitelist' with /etc/wazuh-indexer/opensearch-security/whitelist.yml
SUCC: Configuration for 'whitelist' created or updated
Will update '/audit' with /etc/wazuh-indexer/opensearch-security/audit.yml
SUCC: Configuration for 'audit' created or updated
Will update '/allowlist' with /etc/wazuh-indexer/opensearch-security/allowlist.yml
SUCC: Configuration for 'allowlist' created or updated
SUCC: Expected 10 config types for node {"updated_config_types":["allowlist","tenants","rolesmapping","nodesdn","audit","roles","whitelist","internalusers","actiongroups","config"],"updated_config_siz
e":10,"message":null} is 10 (["allowlist","tenants","rolesmapping","nodesdn","audit","roles","whitelist","internalusers","actiongroups","config"]) due to: null
Done with success
Will create 'wazuh' index template
SUCC: 'wazuh' template created or updated
Will create 'ism_history_indices' index template
SUCC: 'ism_history_indices' template created or updated
Will disable replicas for 'plugins.index_state_management.history' indices
SUCC: cluster's settings saved
Will create index templates to configure the alias
SUCC: 'wazuh-alerts' template created or updated
SUCC: 'wazuh-archives' template created or updated
Will create the 'rollover_policy' policy
SUCC: 'rollover_policy' policy created
Will create initial indices for the aliases
SUCC: 'wazuh-alerts' write index created
SUCC: 'wazuh-archives' write index created
SUCC: Indexer ISM initialization finished successfully.
05/01/2024 04:41:15 INFO: The Wazuh indexer cluster ISM initialized.
05/01/2024 04:41:15 INFO: Wazuh indexer cluster initialized.
05/01/2024 04:41:15 INFO: --- Wazuh server ---
05/01/2024 04:41:15 INFO: Starting the Wazuh manager installation.
Reading package lists... Building dependency tree... Reading state information... Suggested packages: expect The following NEW packages will be installed: wazuh-manager 0 upgraded, 1 newly installed,
0 to remove and 226 not upgraded. Need to get 118 MB of archives. After this operation, 704 MB of additional disk space will be used. Get:1 https://packages-dev.wazuh.com/staging/apt unstable/main amd
64 wazuh-manager amd64 4.8.0-wp2697 [118 MB] Fetched 118 MB in 5s (21.8 MB/s) Selecting previously unselected package wazuh-manager.
(Reading database ...
(Reading database ... 5%
(Reading database ... 10%
(Reading database ... 15%
(Reading database ... 20%
(Reading database ... 25%
(Reading database ... 30%
(Reading database ... 35%
(Reading database ... 40%
(Reading database ... 45%
(Reading database ... 50%
(Reading database ... 55%
(Reading database ... 60%
(Reading database ... 65%
(Reading database ... 70%
(Reading database ... 75%
(Reading database ... 80%
(Reading database ... 85%
(Reading database ... 90%
(Reading database ... 95%
(Reading database ... 100%
(Reading database ... 65616 files and directories currently installed.)
Preparing to unpack .../wazuh-manager_4.8.0-wp2697_amd64.deb ...
Unpacking wazuh-manager (4.8.0-wp2697) ...
Setting up wazuh-manager (4.8.0-wp2697) ...
NEEDRESTART-VER: 3.5 NEEDRESTART-KCUR: 5.15.0-1004-aws NEEDRESTART-KEXP: 5.15.0-1004-aws NEEDRESTART-KSTA: 1
05/01/2024 04:42:54 DEBUG: Checking Wazuh installation.
05/01/2024 04:42:54 DEBUG: There are Wazuh remaining files.
05/01/2024 04:42:55 DEBUG: There are Wazuh indexer remaining files.
05/01/2024 04:42:56 INFO: Wazuh manager installation finished.
05/01/2024 04:42:56 INFO: Starting service wazuh-manager.
Created symlink /etc/systemd/system/multi-user.target.wants/wazuh-manager.service ��� /lib/systemd/system/wazuh-manager.service.
05/01/2024 04:43:17 INFO: wazuh-manager service started.
05/01/2024 04:43:17 INFO: Starting Filebeat installation.
Reading package lists... Building dependency tree... Reading state information... The following NEW packages will be installed: filebeat 0 upgraded, 1 newly installed, 0 to remove and 227 not upgraded
. Need to get 22.1 MB of archives. After this operation, 73.6 MB of additional disk space will be used. Get:1 https://packages-dev.wazuh.com/staging/apt unstable/main amd64 filebeat amd64 7.10.2 [22.1
MB] Fetched 22.1 MB in 2s (13.2 MB/s) Selecting previously unselected package filebeat.
(Reading database ...
(Reading database ... 5%
(Reading database ... 10%
(Reading database ... 15%
(Reading database ... 20%
(Reading database ... 25%
(Reading database ... 30%
(Reading database ... 35%
(Reading database ... 40%
(Reading database ... 45%
(Reading database ... 50%
(Reading database ... 55%
(Reading database ... 60%
(Reading database ... 65%
(Reading database ... 70%
(Reading database ... 75%
(Reading database ... 80%
(Reading database ... 85%
(Reading database ... 90%
(Reading database ... 95%
(Reading database ... 100%
(Reading database ... 87693 files and directories currently installed.)
Preparing to unpack .../filebeat_7.10.2_amd64.deb ...
Unpacking filebeat (7.10.2) ...
Setting up filebeat (7.10.2) ...
NEEDRESTART-VER: 3.5 NEEDRESTART-KCUR: 5.15.0-1004-aws NEEDRESTART-KEXP: 5.15.0-1004-aws NEEDRESTART-KSTA: 1
05/01/2024 04:43:26 DEBUG: Checking Wazuh installation.
05/01/2024 04:43:26 DEBUG: There are Wazuh remaining files.
05/01/2024 04:43:27 DEBUG: There are Wazuh indexer remaining files.
05/01/2024 04:43:27 DEBUG: There are Filebeat remaining files.
05/01/2024 04:43:28 INFO: Filebeat installation finished.
05/01/2024 04:43:28 DEBUG: Configuring Filebeat.
05/01/2024 04:43:28 DEBUG: Filebeat template was download successfully.
wazuh/
wazuh/archives/
wazuh/archives/ingest/
wazuh/archives/ingest/pipeline.json
wazuh/archives/config/
wazuh/archives/config/archives.yml
wazuh/archives/manifest.yml
wazuh/_meta/
wazuh/_meta/config.yml
wazuh/_meta/docs.asciidoc
wazuh/_meta/fields.yml
wazuh/alerts/
wazuh/alerts/ingest/
wazuh/alerts/ingest/pipeline.json
wazuh/alerts/config/
wazuh/alerts/config/alerts.yml
wazuh/alerts/manifest.yml
wazuh/module.yml
05/01/2024 04:43:28 DEBUG: Filebeat module was downloaded successfully.
05/01/2024 04:43:28 DEBUG: Copying Filebeat certificates.
Created filebeat keystore
Successfully updated the keystore
Successfully updated the keystore
05/01/2024 04:43:28 INFO: Filebeat post-install configuration finished.
05/01/2024 04:43:28 INFO: Starting service filebeat.
Synchronizing state of filebeat.service with SysV service script with /lib/systemd/systemd-sysv-install.
Executing: /lib/systemd/systemd-sysv-install enable filebeat
Created symlink /etc/systemd/system/multi-user.target.wants/filebeat.service ��� /lib/systemd/system/filebeat.service.
05/01/2024 04:43:30 INFO: filebeat service started.
05/01/2024 04:43:30 INFO: --- Wazuh dashboard ---
05/01/2024 04:43:30 INFO: Starting Wazuh dashboard installation.
Reading package lists... Building dependency tree... Reading state information... The following NEW packages will be installed: wazuh-dashboard 0 upgraded, 1 newly installed, 0 to remove and 227 not u
pgraded. Need to get 186 MB of archives. After this operation, 987 MB of additional disk space will be used. Get:1 https://packages-dev.wazuh.com/staging/apt unstable/main amd64 wazuh-dashboard amd64
4.8.0-wp2697 [186 MB] Fetched 186 MB in 8s (22.6 MB/s) Selecting previously unselected package wazuh-dashboard.
(Reading database ...
(Reading database ... 5%
(Reading database ... 10%
(Reading database ... 15%
(Reading database ... 20%
(Reading database ... 25%
(Reading database ... 30%
(Reading database ... 35%
(Reading database ... 40%
(Reading database ... 45%
(Reading database ... 50%
(Reading database ... 55%
(Reading database ... 60%
(Reading database ... 65%
(Reading database ... 70%
(Reading database ... 75%
(Reading database ... 80%
(Reading database ... 85%
(Reading database ... 90%
(Reading database ... 95%
(Reading database ... 100%
(Reading database ... 88012 files and directories currently installed.)
Preparing to unpack .../wazuh-dashboard_4.8.0-wp2697_amd64.deb ...
Creating wazuh-dashboard group... OK
Creating wazuh-dashboard user... OK
Unpacking wazuh-dashboard (4.8.0-wp2697) ...
Setting up wazuh-dashboard (4.8.0-wp2697) ...
NEEDRESTART-VER: 3.5 NEEDRESTART-KCUR: 5.15.0-1004-aws NEEDRESTART-KEXP: 5.15.0-1004-aws NEEDRESTART-KSTA: 1
05/01/2024 04:44:39 DEBUG: Checking Wazuh installation.
05/01/2024 04:44:40 DEBUG: There are Wazuh remaining files.
05/01/2024 04:44:40 DEBUG: There are Wazuh indexer remaining files.
05/01/2024 04:44:41 DEBUG: There are Filebeat remaining files.
05/01/2024 04:44:41 DEBUG: There are Wazuh dashboard remaining files.
05/01/2024 04:44:41 INFO: Wazuh dashboard installation finished.
05/01/2024 04:44:41 DEBUG: Configuring Wazuh dashboard.
05/01/2024 04:44:41 DEBUG: Copying Wazuh dashboard certificates.
05/01/2024 04:44:41 DEBUG: Wazuh dashboard certificate setup finished.
05/01/2024 04:44:41 INFO: Wazuh dashboard post-install configuration finished.
05/01/2024 04:44:41 INFO: Starting service wazuh-dashboard.
Created symlink /etc/systemd/system/multi-user.target.wants/wazuh-dashboard.service ��� /etc/systemd/system/wazuh-dashboard.service.
05/01/2024 04:44:42 INFO: wazuh-dashboard service started.
05/01/2024 04:44:42 DEBUG: Setting Wazuh indexer cluster passwords.
05/01/2024 04:44:42 DEBUG: Checking Wazuh installation.
05/01/2024 04:44:42 DEBUG: There are Wazuh remaining files.
05/01/2024 04:44:43 DEBUG: There are Wazuh indexer remaining files.
05/01/2024 04:44:43 DEBUG: There are Filebeat remaining files.
05/01/2024 04:44:44 DEBUG: There are Wazuh dashboard remaining files.
05/01/2024 04:44:44 INFO: Updating the internal users.
05/01/2024 04:44:44 DEBUG: Creating password backup.
**************************************************************************
** This tool will be deprecated in the next major release of OpenSearch **
** https://github.com/opensearch-project/security/issues/1755 **
**************************************************************************
Security Admin v7
Will connect to localhost:9200 ... done
Connected as "CN=admin,OU=Wazuh,O=Wazuh,L=California,C=US"
OpenSearch Version: 2.10.0
Contacting opensearch cluster 'opensearch' and wait for YELLOW clusterstate ...
Clustername: wazuh-cluster
Clusterstate: GREEN
Number of nodes: 1
Number of data nodes: 1
.opendistro_security index already exists, so we do not need to create one.
Will retrieve '/config' into /etc/wazuh-indexer/backup/config.yml
SUCC: Configuration for 'config' stored in /etc/wazuh-indexer/backup/config.yml
Will retrieve '/roles' into /etc/wazuh-indexer/backup/roles.yml
SUCC: Configuration for 'roles' stored in /etc/wazuh-indexer/backup/roles.yml
Will retrieve '/rolesmapping' into /etc/wazuh-indexer/backup/roles_mapping.yml
SUCC: Configuration for 'rolesmapping' stored in /etc/wazuh-indexer/backup/roles_mapping.yml
Will retrieve '/internalusers' into /etc/wazuh-indexer/backup/internal_users.yml
SUCC: Configuration for 'internalusers' stored in /etc/wazuh-indexer/backup/internal_users.yml
Will retrieve '/actiongroups' into /etc/wazuh-indexer/backup/action_groups.yml
SUCC: Configuration for 'actiongroups' stored in /etc/wazuh-indexer/backup/action_groups.yml
Will retrieve '/tenants' into /etc/wazuh-indexer/backup/tenants.yml
SUCC: Configuration for 'tenants' stored in /etc/wazuh-indexer/backup/tenants.yml
Will retrieve '/nodesdn' into /etc/wazuh-indexer/backup/nodes_dn.yml
SUCC: Configuration for 'nodesdn' stored in /etc/wazuh-indexer/backup/nodes_dn.yml
Will retrieve '/whitelist' into /etc/wazuh-indexer/backup/whitelist.yml
SUCC: Configuration for 'whitelist' stored in /etc/wazuh-indexer/backup/whitelist.yml
Will retrieve '/allowlist' into /etc/wazuh-indexer/backup/allowlist.yml
SUCC: Configuration for 'allowlist' stored in /etc/wazuh-indexer/backup/allowlist.yml
Will retrieve '/audit' into /etc/wazuh-indexer/backup/audit.yml
SUCC: Configuration for 'audit' stored in /etc/wazuh-indexer/backup/audit.yml
05/01/2024 04:44:52 DEBUG: Password backup created in /etc/wazuh-indexer/backup.
05/01/2024 04:44:52 INFO: A backup of the internal users has been saved in the /etc/wazuh-indexer/internalusers-backup folder.
05/01/2024 04:44:52 DEBUG: The internal users have been updated before changing the passwords.
05/01/2024 04:44:55 DEBUG: Generating password hashes.
05/01/2024 04:45:03 DEBUG: Password hashes generated.
05/01/2024 04:45:03 DEBUG: Creating password backup.
**************************************************************************
** This tool will be deprecated in the next major release of OpenSearch **
** https://github.com/opensearch-project/security/issues/1755 **
**************************************************************************
Security Admin v7
Will connect to localhost:9200 ... done
Connected as "CN=admin,OU=Wazuh,O=Wazuh,L=California,C=US"
OpenSearch Version: 2.10.0
Contacting opensearch cluster 'opensearch' and wait for YELLOW clusterstate ...
Clustername: wazuh-cluster
Clusterstate: GREEN
Number of nodes: 1
Number of data nodes: 1
.opendistro_security index already exists, so we do not need to create one.
Will retrieve '/config' into /etc/wazuh-indexer/backup/config.yml
SUCC: Configuration for 'config' stored in /etc/wazuh-indexer/backup/config.yml
Will retrieve '/roles' into /etc/wazuh-indexer/backup/roles.yml
SUCC: Configuration for 'roles' stored in /etc/wazuh-indexer/backup/roles.yml
Will retrieve '/rolesmapping' into /etc/wazuh-indexer/backup/roles_mapping.yml
SUCC: Configuration for 'rolesmapping' stored in /etc/wazuh-indexer/backup/roles_mapping.yml
Will retrieve '/internalusers' into /etc/wazuh-indexer/backup/internal_users.yml
SUCC: Configuration for 'internalusers' stored in /etc/wazuh-indexer/backup/internal_users.yml
Will retrieve '/actiongroups' into /etc/wazuh-indexer/backup/action_groups.yml
SUCC: Configuration for 'actiongroups' stored in /etc/wazuh-indexer/backup/action_groups.yml
Will retrieve '/tenants' into /etc/wazuh-indexer/backup/tenants.yml
SUCC: Configuration for 'tenants' stored in /etc/wazuh-indexer/backup/tenants.yml
Will retrieve '/nodesdn' into /etc/wazuh-indexer/backup/nodes_dn.yml
SUCC: Configuration for 'nodesdn' stored in /etc/wazuh-indexer/backup/nodes_dn.yml
Will retrieve '/whitelist' into /etc/wazuh-indexer/backup/whitelist.yml
SUCC: Configuration for 'whitelist' stored in /etc/wazuh-indexer/backup/whitelist.yml
Will retrieve '/allowlist' into /etc/wazuh-indexer/backup/allowlist.yml
SUCC: Configuration for 'allowlist' stored in /etc/wazuh-indexer/backup/allowlist.yml
Will retrieve '/audit' into /etc/wazuh-indexer/backup/audit.yml
SUCC: Configuration for 'audit' stored in /etc/wazuh-indexer/backup/audit.yml
05/01/2024 04:45:07 DEBUG: Password backup created in /etc/wazuh-indexer/backup.
Successfully updated the keystore
05/01/2024 04:45:08 DEBUG: Restarting filebeat service...
05/01/2024 04:45:08 DEBUG: filebeat started.
05/01/2024 04:45:09 DEBUG: Restarting wazuh-dashboard service...
05/01/2024 04:45:10 DEBUG: wazuh-dashboard started.
05/01/2024 04:45:10 DEBUG: Running security admin tool.
05/01/2024 04:45:10 DEBUG: Loading new passwords changes.
**************************************************************************
** This tool will be deprecated in the next major release of OpenSearch **
** https://github.com/opensearch-project/security/issues/1755 **
**************************************************************************
Security Admin v7
Will connect to localhost:9200 ... done
Connected as "CN=admin,OU=Wazuh,O=Wazuh,L=California,C=US"
OpenSearch Version: 2.10.0
Contacting opensearch cluster 'opensearch' and wait for YELLOW clusterstate ...
Clustername: wazuh-cluster
Clusterstate: GREEN
Number of nodes: 1
Number of data nodes: 1
.opendistro_security index already exists, so we do not need to create one.
Populate config from /tmp/unattended/unattended_installer
Force type: internalusers
Will update '/internalusers' with /etc/wazuh-indexer/backup/internal_users.yml
SUCC: Configuration for 'internalusers' created or updated
SUCC: Expected 1 config types for node {"updated_config_types":["internalusers"],"updated_config_size":1,"message":null} is 1 (["internalusers"]) due to: null
Done with success
05/01/2024 04:45:17 DEBUG: Passwords changed.
05/01/2024 04:45:17 DEBUG: Changing API passwords.
05/01/2024 04:45:24 INFO: Initializing Wazuh dashboard web application.
05/01/2024 04:45:25 INFO: Wazuh dashboard web application initialized.
05/01/2024 04:45:25 INFO: --- Summary ---
05/01/2024 04:45:25 INFO: You can access the web interface https://<wazuh-dashboard-ip>:443
User: admin
Password: Y+SGd*+8ej3+IN.fsK9Q9er?2xVnwVtK
05/01/2024 04:45:25 DEBUG: Restoring Wazuh repository.
05/01/2024 04:45:25 INFO: Installation finished.
Loading