Merge pull request #195 from wazuh/feature-193-adapt-new-api-configur…

…ation Adapt to new Wazuh API configuration
wazuh · Jan 7, 2020 · 541a3b1 · 541a3b1
2 parents eef38dc + 5204758
commit 541a3b1
Show file tree

Hide file tree

Showing 2 changed files with 164 additions and 2 deletions.
diff --git a/manifests/kibana.pp b/manifests/kibana.pp
@@ -12,8 +12,15 @@
   $kibana_server_port = '5601',
   $kibana_server_host = '0.0.0.0',
   $kibana_elasticsearch_server_hosts ="http://${kibana_elasticsearch_ip}:${kibana_elasticsearch_port}",
-
-){
+  $kibana_wazuh_api_credentials = [ {
+                                      'id'       => 'default',
+                                      'url'      => 'http://localhost',
+                                      'port'     => '55000',
+                                      'user'     => 'foo',
+                                      'password' => 'bar',
+                                    },
+                                  ]
+) {
 
   # install package
   package { 'Installing Kibana...':
@@ -43,13 +50,35 @@
     try_sleep => 3,
   }
 
+  file {'Removing old Wazuh Kibana Plugin...':
+    ensure  => absent,
+    path    => '/usr/share/kibana/plugins/wazuh',
+    recurse => true,
+    purge   => true,
+    force   => true,
+    notify  => Service[$kibana_service]
+  }
+
   exec {'Installing Wazuh App...':
     path    => '/usr/bin',
     command => "sudo -u kibana /usr/share/kibana/bin/kibana-plugin install https://packages.wazuh.com/wazuhapp/wazuhapp-${kibana_app_version}.zip",
     creates => '/usr/share/kibana/plugins/wazuh/package.json',
     notify  => Service[$kibana_service],
   }
 
+  exec {'Removing .wazuh index...':
+    path    => '/usr/bin',
+    command => "curl -s -XDELETE -sL -I 'http://${kibana_elasticsearch_ip}:${kibana_elasticsearch_port}/.wazuh' -o /dev/null",
+    notify  => Service[$kibana_service],
+  }
+
+  file { '/usr/share/kibana/plugins/wazuh/wazuh.yml':
+    owner   => 'kibana',
+    group   => 'kibana',
+    mode    => '0644',
+    content => template('wazuh/wazuh_yml.erb'),
+    notify  => Service[$kibana_service]
+  }
   exec { 'Verify Kibana folders owner':
     path    => '/usr/bin:/bin',
     command => "chown -R kibana:kibana /usr/share/kibana/optimize\

diff --git a/templates/wazuh_yml.erb b/templates/wazuh_yml.erb
@@ -0,0 +1,133 @@
+---
+#
+# Wazuh app - App configuration file
+# Copyright (C) 2015-2019 Wazuh, Inc.
+#
+# This program is free software; you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation; either version 2 of the License, or
+# (at your option) any later version.
+#
+# Find more information about this on the LICENSE file.
+#
+# ======================== Wazuh app configuration file ========================
+#
+# Please check the documentation for more information on configuration options:
+# https://documentation.wazuh.com/current/installation-guide/index.html
+#
+# Also, you can check our repository:
+# https://github.com/wazuh/wazuh-kibana-app
+#
+# ------------------------------- Index patterns -------------------------------
+#
+# Default index pattern to use.
+#pattern: wazuh-alerts-3.x-*
+#
+# ----------------------------------- Checks -----------------------------------
+#
+# Defines which checks must to be consider by the healthcheck
+# step once the Wazuh app starts. Values must to be true or false.
+#checks.pattern : true
+#checks.template: true
+#checks.api     : true
+#checks.setup   : true
+#
+# --------------------------------- Extensions ---------------------------------
+#
+# Defines which extensions should be activated when you add a new API entry.
+# You can change them after Wazuh app starts.
+# Values must to be true or false.
+#extensions.pci       : true
+#extensions.gdpr      : true
+#extensions.hipaa     : true
+#extensions.nist      : true
+#extensions.audit     : true
+#extensions.oscap     : false
+#extensions.ciscat    : false
+#extensions.aws       : false
+#extensions.virustotal: false
+#extensions.osquery   : false
+#extensions.docker    : false
+#
+# ---------------------------------- Time out ----------------------------------
+#
+# Defines maximum timeout to be used on the Wazuh app requests.
+# It will be ignored if it is bellow 1500.
+# It means milliseconds before we consider a request as failed.
+# Default: 20000
+#timeout: 20000
+#
+# ------------------------------ Advanced indices ------------------------------
+#
+# Configure .wazuh indices shards and replicas.
+#wazuh.shards          : 1
+#wazuh.replicas        : 0
+#
+# --------------------------- Index pattern selector ---------------------------
+#
+# Defines if the user is allowed to change the selected
+# index pattern directly from the Wazuh app top menu.
+# Default: true
+#ip.selector: true
+#
+# List of index patterns to be ignored
+#ip.ignore: []
+#
+# -------------------------------- X-Pack RBAC ---------------------------------
+#
+# Custom setting to enable/disable built-in X-Pack RBAC security capabilities.
+# Default: enabled
+#xpack.rbac.enabled: true
+#
+# ------------------------------ wazuh-monitoring ------------------------------
+#
+# Custom setting to enable/disable wazuh-monitoring indices.
+# Values: true, false, worker
+# If worker is given as value, the app will show the Agents status
+# visualization but won't insert data on wazuh-monitoring indices.
+# Default: true
+#wazuh.monitoring.enabled: true
+#
+# Custom setting to set the frequency for wazuh-monitoring indices cron task.
+# Default: 900 (s)
+#wazuh.monitoring.frequency: 900
+#
+# Configure wazuh-monitoring-3.x-* indices shards and replicas.
+#wazuh.monitoring.shards: 2
+#wazuh.monitoring.replicas: 0
+#
+# Configure wazuh-monitoring-3.x-* indices custom creation interval.
+# Values: h (hourly), d (daily), w (weekly), m (monthly)
+# Default: d
+#wazuh.monitoring.creation: d
+#
+# Default index pattern to use for Wazuh monitoring
+#wazuh.monitoring.pattern: wazuh-monitoring-3.x-*
+#
+#
+# ------------------------------- App privileges --------------------------------
+#admin: true
+#
+# ------------------------------- App logging level -----------------------------
+# Set the logging level for the Wazuh App log files.
+# Default value: info
+# Allowed values: info, debug
+#logs.level: info
+#
+#-------------------------------- API entries -----------------------------------
+#The following configuration is the default structure to define an API entry.
+#
+#hosts:
+#  - <id>:
+#     url: http(s)://<url>
+#     port: <port>
+#     user: <user>
+#     password: <password>
+hosts:
+<% @kibana_wazuh_api_credentials.each do |api_profile| -%>
+  - <%= api_profile['id'] %>:
+      url: <%= api_profile['url'] %>
+      port: <%= api_profile['port'] %>
+      user: <%= api_profile['user'] %>
+      password: <%= api_profile['password'] %>
+<% end -%>