From e753f6d967185dd98525051a780be3513daa5877 Mon Sep 17 00:00:00 2001 From: Tomas Benitez Vescio Date: Fri, 20 Sep 2024 13:17:42 -0300 Subject: [PATCH 01/21] Add Custom DNS doc --- source/_static/js/redirects.js | 1 + .../your-environment/custom-dns.rst | 47 +++++++++++++++++++ .../cloud-service/your-environment/index.rst | 1 + 3 files changed, 49 insertions(+) create mode 100644 source/cloud-service/your-environment/custom-dns.rst diff --git a/source/_static/js/redirects.js b/source/_static/js/redirects.js index f3fe9a80aa..2f72cf74fc 100644 --- a/source/_static/js/redirects.js +++ b/source/_static/js/redirects.js @@ -197,6 +197,7 @@ newUrls['4.9'] = [ '/user-manual/agent/agent-management/remote-upgrading/wpk-files/wpk-list.html', '/user-manual/wazuh-dashboard/navigating-the-wazuh-dashboard.html', '/user-manual/wazuh-dashboard/settings.html', + '/cloud-service/your-environment/custom-dns.html' ]; /* Pages no longer available in 4.9 */ diff --git a/source/cloud-service/your-environment/custom-dns.rst b/source/cloud-service/your-environment/custom-dns.rst new file mode 100644 index 0000000000..f938f48b28 --- /dev/null +++ b/source/cloud-service/your-environment/custom-dns.rst @@ -0,0 +1,47 @@ +.. Copyright (C) 2015, Wazuh, Inc. + +.. meta:: + :description: Check out how to configure a custom domain to access an environment in Wazuh Cloud. Learn more about it in this section of the documentation. + +.. _cloud_your_environment_custom_dns: + +Custom DNS +============= + +By default, Wazuh Cloud environments are accessed through a subdomain of `cloud.wazuh.com`. + +You can configure your environment to use your own custom domain. To do this, go to the **Wazuh Cloud Console** under the environment details page. You will be asked to provide the following: + +* **Certificate**: SSL/TLS certificate for your domain + + * Must use SHA2 + + * Must use RSA with key size of at least 2048-bit + + * TLS Web Server Authentication is required if using EKU + + * Must contain domain name in CN or SAN field(s) + + * Must be PEM encoded + +* **Private Key**: Associated with the provided certificate + + * Must not be encrypted or require a passphrase + + * Must be PEM encoded + +* **Certificate Chain**: Used to sign your certificate + + * Must contain all intermediate certificates in the certificate chain + + * Must be signed by a trusted certificate authority + + * Must be PEM encoded + +After providing the above and applying the configuration, create a `CNAME` DNS record using the value provided by the **Wazuh Cloud Console**. + +.. note:: + + Your Wazuh Cloud environment will still be accessible through the default URL, even if you have configured a custom domain. + + diff --git a/source/cloud-service/your-environment/index.rst b/source/cloud-service/your-environment/index.rst index 5c44197b04..aeea9ae241 100644 --- a/source/cloud-service/your-environment/index.rst +++ b/source/cloud-service/your-environment/index.rst @@ -21,4 +21,5 @@ Learn more about your environment in the sections below. send-syslog-data agents-without-internet configure-email + custom-dns technical-faq From ad7b229833dcb710cdddf6bef3608a81c357c135 Mon Sep 17 00:00:00 2001 From: Javier Medeot Date: Tue, 24 Sep 2024 16:23:34 -0300 Subject: [PATCH 02/21] Move browser compatibility sections --- source/installation-guide/wazuh-dashboard/index.rst | 12 ------------ source/quickstart.rst | 12 ------------ source/user-manual/wazuh-dashboard/index.rst | 11 +++++++++++ 3 files changed, 11 insertions(+), 24 deletions(-) diff --git a/source/installation-guide/wazuh-dashboard/index.rst b/source/installation-guide/wazuh-dashboard/index.rst index 932ff88eb5..f9eea1cc9d 100644 --- a/source/installation-guide/wazuh-dashboard/index.rst +++ b/source/installation-guide/wazuh-dashboard/index.rst @@ -99,18 +99,6 @@ The Wazuh dashboard can be installed on a dedicated node or along with the Wazuh | Wazuh dashboard | 4 | 2 | 8 | 4 | +-------------------------+----------+--------------+--------------+----------------+ -Browser compatibility -^^^^^^^^^^^^^^^^^^^^^ - -Wazuh dashboard supports the following web browsers: - -- Chrome 95 or later -- Firefox 93 or later -- Safari 13.7 or later - -Other Chromium-based browsers might also work. Internet Explorer 11 is not supported. - - .. toctree:: :hidden: :maxdepth: 1 diff --git a/source/quickstart.rst b/source/quickstart.rst index 80d9892311..c00e926ac0 100644 --- a/source/quickstart.rst +++ b/source/quickstart.rst @@ -56,18 +56,6 @@ Wazuh central components can be installed on a 64-bit Linux operating system. Wa * - Red Hat Enterprise Linux 7, 8, 9 - Ubuntu 16.04, 18.04, 20.04, 22.04 - -Browser compatibility -^^^^^^^^^^^^^^^^^^^^^ - -Wazuh dashboard supports the following web browsers: - -- Chrome 95 or later -- Firefox 93 or later -- Safari 13.7 or later - -Other Chromium-based browsers might also work. Internet Explorer 11 is not supported. - .. _quickstart_installing_wazuh: Installing Wazuh diff --git a/source/user-manual/wazuh-dashboard/index.rst b/source/user-manual/wazuh-dashboard/index.rst index 7f993e9871..14a60e4836 100644 --- a/source/user-manual/wazuh-dashboard/index.rst +++ b/source/user-manual/wazuh-dashboard/index.rst @@ -10,6 +10,17 @@ The Wazuh dashboard is a central component for analyzing and visualizing securit The Wazuh dashboard facilitates real-time monitoring of system health and security events. It also aids in compliance management and threat detection, making it a useful for security professionals aiming to fortify their organization's cybersecurity posture. +Browser compatibility +^^^^^^^^^^^^^^^^^^^^^ + +The Wazuh dashboard supports the following web browsers: + +- Chrome 95 or later +- Firefox 93 or later +- Safari 13.7 or later + +Other Chromium-based browsers might also work. Internet Explorer 11 is not supported. + The following section provides an overview of the Wazuh dashboard, covering topics from navigating the user interface to troubleshooting. .. toctree:: From be6e9079936e91cd0f76d987f83f99df19d29799 Mon Sep 17 00:00:00 2001 From: Javier Medeot Date: Wed, 25 Sep 2024 13:26:38 -0300 Subject: [PATCH 03/21] Update recommended OS tables --- source/installation-guide/wazuh-dashboard/index.rst | 12 ++++++------ source/installation-guide/wazuh-indexer/index.rst | 12 ++++++------ source/installation-guide/wazuh-server/index.rst | 12 ++++++------ source/quickstart.rst | 10 +++++----- 4 files changed, 23 insertions(+), 23 deletions(-) diff --git a/source/installation-guide/wazuh-dashboard/index.rst b/source/installation-guide/wazuh-dashboard/index.rst index f9eea1cc9d..03095fbed0 100644 --- a/source/installation-guide/wazuh-dashboard/index.rst +++ b/source/installation-guide/wazuh-dashboard/index.rst @@ -77,12 +77,12 @@ Recommended operating systems Wazuh can be installed on a 64-bit Linux operating system. Wazuh supports the following operating system versions: .. list-table:: - :width: 100% - - * - Amazon Linux 2 - - CentOS 7, 8 - * - Red Hat Enterprise Linux 7, 8, 9 - - Ubuntu 16.04, 18.04, 20.04, 22.04 + :width: 100% + + * - Amazon Linux 2, Amazon Linux 2023 + - CentOS 7, 8 + * - Red Hat Enterprise Linux 7, 8, 9 + - Ubuntu 16.04, 18.04, 20.04, 22.04, 24.04 Hardware requirements ^^^^^^^^^^^^^^^^^^^^^ diff --git a/source/installation-guide/wazuh-indexer/index.rst b/source/installation-guide/wazuh-indexer/index.rst index 500310e6cb..aa19068ab7 100644 --- a/source/installation-guide/wazuh-indexer/index.rst +++ b/source/installation-guide/wazuh-indexer/index.rst @@ -76,12 +76,12 @@ Recommended operating systems Wazuh can be installed on a 64-bit Linux operating system. Wazuh supports the following operating system versions: .. list-table:: - :width: 100% - - * - Amazon Linux 2 - - CentOS 7, 8 - * - Red Hat Enterprise Linux 7, 8, 9 - - Ubuntu 16.04, 18.04, 20.04, 22.04 + :width: 100% + + * - Amazon Linux 2, Amazon Linux 2023 + - CentOS 7, 8 + * - Red Hat Enterprise Linux 7, 8, 9 + - Ubuntu 16.04, 18.04, 20.04, 22.04, 24.04 Hardware recommendations ^^^^^^^^^^^^^^^^^^^^^^^^ diff --git a/source/installation-guide/wazuh-server/index.rst b/source/installation-guide/wazuh-server/index.rst index c77c80d9e3..c5be54b0b1 100644 --- a/source/installation-guide/wazuh-server/index.rst +++ b/source/installation-guide/wazuh-server/index.rst @@ -77,12 +77,12 @@ Recommended operating systems Wazuh server can be installed on a 64-bit Linux operating system. Wazuh supports the following operating system versions: .. list-table:: - :width: 100% - - * - Amazon Linux 2 - - CentOS 7, 8 - * - Red Hat Enterprise Linux 7, 8, 9 - - Ubuntu 16.04, 18.04, 20.04, 22.04 + :width: 100% + + * - Amazon Linux 2, Amazon Linux 2023 + - CentOS 7, 8 + * - Red Hat Enterprise Linux 7, 8, 9 + - Ubuntu 16.04, 18.04, 20.04, 22.04, 24.04 Hardware requirements ^^^^^^^^^^^^^^^^^^^^^ diff --git a/source/quickstart.rst b/source/quickstart.rst index c00e926ac0..671d77f099 100644 --- a/source/quickstart.rst +++ b/source/quickstart.rst @@ -49,12 +49,12 @@ Wazuh central components can be installed on a 64-bit Linux operating system. Wa .. list-table:: - :width: 100% + :width: 100% - * - Amazon Linux 2 - - CentOS 7, 8 - * - Red Hat Enterprise Linux 7, 8, 9 - - Ubuntu 16.04, 18.04, 20.04, 22.04 + * - Amazon Linux 2, Amazon Linux 2023 + - CentOS 7, 8 + * - Red Hat Enterprise Linux 7, 8, 9 + - Ubuntu 16.04, 18.04, 20.04, 22.04, 24.04 .. _quickstart_installing_wazuh: From 82969f46514dfcd59725644aac1cc5d3708c4734 Mon Sep 17 00:00:00 2001 From: Marcel Kemp Date: Thu, 26 Sep 2024 11:56:37 +0200 Subject: [PATCH 04/21] feat: Add arm64 packages for Wazuh manager --- source/installation-guide/packages-list.rst | 61 +++++++++++++++++---- 1 file changed, 50 insertions(+), 11 deletions(-) diff --git a/source/installation-guide/packages-list.rst b/source/installation-guide/packages-list.rst index 29cb9496da..35a66f20f9 100755 --- a/source/installation-guide/packages-list.rst +++ b/source/installation-guide/packages-list.rst @@ -49,29 +49,68 @@ Wazuh manager .. |Raspbian_x86_64_manager| replace:: `wazuh-manager_|WAZUH_CURRENT|-|WAZUH_REVISION_DEB_MANAGER_X86|_amd64.deb <|DEB_MANAGER_URL|_|WAZUH_CURRENT|-|WAZUH_REVISION_DEB_MANAGER_X86|_amd64.deb>`__ (`sha512 <|CHECKSUMS_URL||WAZUH_CURRENT|/wazuh-manager_|WAZUH_CURRENT|-|WAZUH_REVISION_DEB_MANAGER_X86|_amd64.deb.sha512>`__) +.. |Amazon_aarch64_manager| replace:: `wazuh-manager-|WAZUH_CURRENT|-|WAZUH_REVISION_YUM_MANAGER_X86|.aarch64.rpm <|RPM_MANAGER_URL|-|WAZUH_CURRENT|-|WAZUH_REVISION_YUM_MANAGER_X86|.aarch64.rpm>`__ (`sha512 <|CHECKSUMS_URL||WAZUH_CURRENT|/wazuh-manager-|WAZUH_CURRENT|-|WAZUH_REVISION_YUM_MANAGER_X86|.aarch64.rpm.sha512>`__) + +.. |CentOS7_aarch64_manager| replace:: `wazuh-manager-|WAZUH_CURRENT|-|WAZUH_REVISION_YUM_MANAGER_X86|.aarch64.rpm <|RPM_MANAGER_URL|-|WAZUH_CURRENT|-|WAZUH_REVISION_YUM_MANAGER_X86|.aarch64.rpm>`__ (`sha512 <|CHECKSUMS_URL||WAZUH_CURRENT|/wazuh-manager-|WAZUH_CURRENT|-|WAZUH_REVISION_YUM_MANAGER_X86|.aarch64.rpm.sha512>`__) + +.. |Debian8_aarch64_manager| replace:: `wazuh-manager_|WAZUH_CURRENT|-|WAZUH_REVISION_DEB_MANAGER_X86|_arm64.deb <|DEB_MANAGER_URL|_|WAZUH_CURRENT|-|WAZUH_REVISION_DEB_MANAGER_X86|_arm64.deb>`__ (`sha512 <|CHECKSUMS_URL||WAZUH_CURRENT|/wazuh-manager_|WAZUH_CURRENT|-|WAZUH_REVISION_DEB_MANAGER_X86|_arm64.deb.sha512>`__) + +.. |Fedora22_aarch64_manager| replace:: `wazuh-manager-|WAZUH_CURRENT|-|WAZUH_REVISION_YUM_MANAGER_X86|.aarch64.rpm <|RPM_MANAGER_URL|-|WAZUH_CURRENT|-|WAZUH_REVISION_YUM_MANAGER_X86|.aarch64.rpm>`__ (`sha512 <|CHECKSUMS_URL||WAZUH_CURRENT|/wazuh-manager-|WAZUH_CURRENT|-|WAZUH_REVISION_YUM_MANAGER_X86|.aarch64.rpm.sha512>`__) + +.. |OpenSUSE_aarch64_manager| replace:: `wazuh-manager-|WAZUH_CURRENT|-|WAZUH_REVISION_YUM_MANAGER_X86|.aarch64.rpm <|RPM_MANAGER_URL|-|WAZUH_CURRENT|-|WAZUH_REVISION_YUM_MANAGER_X86|.aarch64.rpm>`__ (`sha512 <|CHECKSUMS_URL||WAZUH_CURRENT|/wazuh-manager-|WAZUH_CURRENT|-|WAZUH_REVISION_YUM_MANAGER_X86|.aarch64.rpm.sha512>`__) + +.. |Oracle7_aarch64_manager| replace:: `wazuh-manager-|WAZUH_CURRENT|-|WAZUH_REVISION_YUM_MANAGER_X86|.aarch64.rpm <|RPM_MANAGER_URL|-|WAZUH_CURRENT|-|WAZUH_REVISION_YUM_MANAGER_X86|.aarch64.rpm>`__ (`sha512 <|CHECKSUMS_URL||WAZUH_CURRENT|/wazuh-manager-|WAZUH_CURRENT|-|WAZUH_REVISION_YUM_MANAGER_X86|.aarch64.rpm.sha512>`__) + +.. |RHEL7_aarch64_manager| replace:: `wazuh-manager-|WAZUH_CURRENT|-|WAZUH_REVISION_YUM_MANAGER_X86|.aarch64.rpm <|RPM_MANAGER_URL|-|WAZUH_CURRENT|-|WAZUH_REVISION_YUM_MANAGER_X86|.aarch64.rpm>`__ (`sha512 <|CHECKSUMS_URL||WAZUH_CURRENT|/wazuh-manager-|WAZUH_CURRENT|-|WAZUH_REVISION_YUM_MANAGER_X86|.aarch64.rpm.sha512>`__) + +.. |SUSE12_aarch64_manager| replace:: `wazuh-manager-|WAZUH_CURRENT|-|WAZUH_REVISION_YUM_MANAGER_X86|.aarch64.rpm <|RPM_MANAGER_URL|-|WAZUH_CURRENT|-|WAZUH_REVISION_YUM_MANAGER_X86|.aarch64.rpm>`__ (`sha512 <|CHECKSUMS_URL||WAZUH_CURRENT|/wazuh-manager-|WAZUH_CURRENT|-|WAZUH_REVISION_YUM_MANAGER_X86|.aarch64.rpm.sha512>`__) + +.. |Ubuntu13_aarch64_manager| replace:: `wazuh-manager_|WAZUH_CURRENT|-|WAZUH_REVISION_DEB_MANAGER_X86|_arm64.deb <|DEB_MANAGER_URL|_|WAZUH_CURRENT|-|WAZUH_REVISION_DEB_MANAGER_X86|_arm64.deb>`__ (`sha512 <|CHECKSUMS_URL||WAZUH_CURRENT|/wazuh-manager_|WAZUH_CURRENT|-|WAZUH_REVISION_DEB_MANAGER_X86|_arm64.deb.sha512>`__) + +.. |Raspbian_aarch64_manager| replace:: `wazuh-manager_|WAZUH_CURRENT|-|WAZUH_REVISION_DEB_MANAGER_X86|_arm64.deb <|DEB_MANAGER_URL|_|WAZUH_CURRENT|-|WAZUH_REVISION_DEB_MANAGER_X86|_arm64.deb>`__ (`sha512 <|CHECKSUMS_URL||WAZUH_CURRENT|/wazuh-manager_|WAZUH_CURRENT|-|WAZUH_REVISION_DEB_MANAGER_X86|_arm64.deb.sha512>`__) + +-----------------------+-------------------+--------------+------------------------------------------+ | Distribution | Version | Architecture | Package | +=======================+===================+==============+==========================================+ -| Amazon Linux | 1 and later | x86_64 | |Amazon_x86_64_manager| | +| | | x86_64 | |Amazon_x86_64_manager| | ++ Amazon Linux + 1 and later +--------------+------------------------------------------+ +| | | aarch64 | |Amazon_aarch64_manager| | +-----------------------+-------------------+--------------+------------------------------------------+ -| CentOS | 7 and later | x86_64 | |CentOS7_x86_64_manager| | +| | | x86_64 | |CentOS7_x86_64_manager| | ++ CentOS + 7 and later +--------------+------------------------------------------+ +| | | aarch64 | |CentOS7_aarch64_manager| | +-----------------------+-------------------+--------------+------------------------------------------+ -| Debian | 8 and later | x86_64 | |Debian8_x86_64_manager| | +| | | x86_64 | |Debian8_x86_64_manager| | ++ Debian + 8 and later +--------------+------------------------------------------+ +| | | aarch64 | |Debian8_aarch64_manager| | +-----------------------+-------------------+--------------+------------------------------------------+ -| Fedora | 22 and later | x86_64 | |Fedora22_x86_64_manager| | +| | | x86_64 | |Fedora22_x86_64_manager| | ++ Fedora + 22 and later +--------------+------------------------------------------+ +| | | aarch64 | |Fedora22_aarch64_manager| | +-----------------------+-------------------+--------------+------------------------------------------+ -| OpenSUSE | 42 and later | x86_64 | |OpenSUSE_x86_64_manager| | +| | | x86_64 | |OpenSUSE_x86_64_manager| | ++ OpenSUSE + 42 and later +--------------+------------------------------------------+ +| | | aarch64 | |OpenSUSE_aarch64_manager| | +-----------------------+-------------------+--------------+------------------------------------------+ -| Oracle Linux | 7 and later | x86_64 | |Oracle7_x86_64_manager| | +| | | x86_64 | |Oracle7_x86_64_manager| | ++ Oracle Linux + 7 and later +--------------+------------------------------------------+ +| | | aarch64 | |Oracle7_aarch64_manager| | +-----------------------+-------------------+--------------+------------------------------------------+ -| Red Hat | 7 and later | x86_64 | |RHEL7_x86_64_manager| | -| Enterprise Linux | | | | +| Red Hat | | x86_64 | |RHEL7_x86_64_manager| | ++ Enterprise Linux + 7 and later +--------------+------------------------------------------+ +| | | aarch64 | |RHEL7_aarch64_manager| | +-----------------------+-------------------+--------------+------------------------------------------+ -| SUSE | 12 | x86_64 | |SUSE12_x86_64_manager| | +| | | x86_64 | |SUSE12_x86_64_manager| | ++ SUSE + 12 +--------------+------------------------------------------+ +| | | aarch64 | |SUSE12_aarch64_manager| | +-----------------------+-------------------+--------------+------------------------------------------+ -| Ubuntu | 13 and later | x86_64 | |Ubuntu13_x86_64_manager| | +| | | x86_64 | |Ubuntu13_x86_64_manager| | ++ Ubuntu + 13 and later +--------------+------------------------------------------+ +| | | aarch64 | |Ubuntu13_aarch64_manager| | +-----------------------+-------------------+--------------+------------------------------------------+ -| Raspbian OS | Buster and later | x86_64 | |Raspbian_x86_64_manager| | +| | | x86_64 | |Raspbian_x86_64_manager| | ++ Raspbian OS + Buster and later +--------------+------------------------------------------+ +| | | aarch64 | |Raspbian_aarch64_manager| | +-----------------------+-------------------+--------------+------------------------------------------+ Filebeat From 8389cc834331a620e715b6b27a6db22aea2bccc2 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=81lex=20Ruiz?= Date: Thu, 26 Sep 2024 16:35:24 +0200 Subject: [PATCH 05/21] Remove step to delete ss4o index templates before a wazuh-indexer upgrade --- .gitignore | 3 ++- source/upgrade-guide/upgrading-central-components.rst | 8 +------- 2 files changed, 3 insertions(+), 8 deletions(-) diff --git a/.gitignore b/.gitignore index 7f01ab1ca1..a34cc07769 100644 --- a/.gitignore +++ b/.gitignore @@ -23,4 +23,5 @@ source/_themes/wazuh_doc_theme_v3/static/css/min/*.css.map source/_themes/wazuh_doc_theme_v3/static/js/min/*.js.map source/_themes/wazuh_doc_theme_v3/static/js/min/redirects.min.js source/_static/css/*.min.css -source/_static/js/*.min.js \ No newline at end of file +source/_static/js/*.min.js +.venv \ No newline at end of file diff --git a/source/upgrade-guide/upgrading-central-components.rst b/source/upgrade-guide/upgrading-central-components.rst index 58b4391b8f..9274a285ac 100644 --- a/source/upgrade-guide/upgrading-central-components.rst +++ b/source/upgrade-guide/upgrading-central-components.rst @@ -64,13 +64,7 @@ Upgrading the Wazuh indexer The cluster remains available throughout the upgrading process in a Wazuh indexer cluster with multiple nodes. This rolling upgrade allows for the shutting down of one Wazuh indexer node at a time for minimal disruption of service. -As a first step, remove the *ss4o* index templates. Replace ````, ````, and ```` before running any command below. - -.. code-block:: bash - - curl -X DELETE "https://:9200/_index_template/ss4o_*_template" -u : -k - -Then, repeat the following steps for every Wazuh indexer node. +Repeat the following steps for every Wazuh indexer node. #. Disable shard allocation. From c452f9610f5159561b9f45796fc31ed1bef22116 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=81lex=20Ruiz?= Date: Thu, 26 Sep 2024 16:37:20 +0200 Subject: [PATCH 06/21] Roll back changes to the gitignore --- .gitignore | 3 +-- 1 file changed, 1 insertion(+), 2 deletions(-) diff --git a/.gitignore b/.gitignore index a34cc07769..7f01ab1ca1 100644 --- a/.gitignore +++ b/.gitignore @@ -23,5 +23,4 @@ source/_themes/wazuh_doc_theme_v3/static/css/min/*.css.map source/_themes/wazuh_doc_theme_v3/static/js/min/*.js.map source/_themes/wazuh_doc_theme_v3/static/js/min/redirects.min.js source/_static/css/*.min.css -source/_static/js/*.min.js -.venv \ No newline at end of file +source/_static/js/*.min.js \ No newline at end of file From 5632d8a036e06b8d62c2a15ba6fc4237f886f07f Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?=C3=81lex=20Ruiz?= Date: Thu, 26 Sep 2024 16:39:12 +0200 Subject: [PATCH 07/21] Add back line to replace variables --- source/upgrade-guide/upgrading-central-components.rst | 2 ++ 1 file changed, 2 insertions(+) diff --git a/source/upgrade-guide/upgrading-central-components.rst b/source/upgrade-guide/upgrading-central-components.rst index 9274a285ac..464dac19b7 100644 --- a/source/upgrade-guide/upgrading-central-components.rst +++ b/source/upgrade-guide/upgrading-central-components.rst @@ -64,6 +64,8 @@ Upgrading the Wazuh indexer The cluster remains available throughout the upgrading process in a Wazuh indexer cluster with multiple nodes. This rolling upgrade allows for the shutting down of one Wazuh indexer node at a time for minimal disruption of service. +Replace ````, ````, and ```` before running any command below. + Repeat the following steps for every Wazuh indexer node. #. Disable shard allocation. From d958b596a7232d59d245217c6ebd3c69507f3cf9 Mon Sep 17 00:00:00 2001 From: Javier Medeot Date: Thu, 26 Sep 2024 15:23:00 -0300 Subject: [PATCH 08/21] Remove migration guide sections --- source/_static/js/redirects.js | 50 +++++ .../{files-backup => }/creating/index.rst | 0 .../creating/wazuh-agent.rst | 0 .../creating/wazuh-central-components.rst | 0 source/migration-guide/files-backup/index.rst | 18 -- source/migration-guide/index.rst | 22 +- .../{files-backup => }/restoring/index.rst | 0 .../restoring/wazuh-agent.rst | 2 +- .../restoring/wazuh-central-components.rst | 0 source/migration-guide/wazuh-dashboard.rst | 141 ------------ source/migration-guide/wazuh-indexer.rst | 210 ------------------ .../upgrading-central-components.rst | 2 +- 12 files changed, 62 insertions(+), 383 deletions(-) rename source/migration-guide/{files-backup => }/creating/index.rst (100%) rename source/migration-guide/{files-backup => }/creating/wazuh-agent.rst (100%) rename source/migration-guide/{files-backup => }/creating/wazuh-central-components.rst (100%) delete mode 100644 source/migration-guide/files-backup/index.rst rename source/migration-guide/{files-backup => }/restoring/index.rst (100%) rename source/migration-guide/{files-backup => }/restoring/wazuh-agent.rst (98%) rename source/migration-guide/{files-backup => }/restoring/wazuh-central-components.rst (100%) delete mode 100644 source/migration-guide/wazuh-dashboard.rst delete mode 100644 source/migration-guide/wazuh-indexer.rst diff --git a/source/_static/js/redirects.js b/source/_static/js/redirects.js index f3fe9a80aa..50ccefb6e0 100644 --- a/source/_static/js/redirects.js +++ b/source/_static/js/redirects.js @@ -168,6 +168,41 @@ redirections.push( '4.8': '/user-manual/capabilities/policy-monitoring/rootcheck/index.html', '4.9': '/user-manual/capabilities/malware-detection/rootkits-behavior-detection.html', }, + { + 'target': ['4.8=>4.9', '4.9=>4.8'], + '4.8': '/migration-guide/files-backup/index.html', + '4.9': '/migration-guide/index.html', + }, + { + 'target': ['4.8=>4.9', '4.9=>4.8'], + '4.8': '/migration-guide/files-backup/creating/index.html', + '4.9': '/migration-guide/creating/index.html', + }, + { + 'target': ['4.8=>4.9', '4.9=>4.8'], + '4.8': '/migration-guide/files-backup/creating/wazuh-agent.html', + '4.9': '/migration-guide/creating/wazuh-agent.html', + }, + { + 'target': ['4.8=>4.9', '4.9=>4.8'], + '4.8': '/migration-guide/files-backup/creating/wazuh-central-components.html', + '4.9': '/migration-guide/creating/wazuh-central-components.html', + }, + { + 'target': ['4.8=>4.9', '4.9=>4.8'], + '4.8': '/migration-guide/files-backup/restoring/index.html', + '4.9': '/migration-guide/restoring/index.html', + }, + { + 'target': ['4.8=>4.9', '4.9=>4.8'], + '4.8': '/migration-guide/files-backup/restoring/wazuh-agent.html', + '4.9': '/migration-guide/restoring/wazuh-agent.html', + }, + { + 'target': ['4.8=>4.9', '4.9=>4.8'], + '4.8': '/migration-guide/files-backup/restoring/wazuh-central-components.html', + '4.9': '/migration-guide/restoring/wazuh-central-components.html', + }, ); /* Pages added in 4.9 */ @@ -197,6 +232,12 @@ newUrls['4.9'] = [ '/user-manual/agent/agent-management/remote-upgrading/wpk-files/wpk-list.html', '/user-manual/wazuh-dashboard/navigating-the-wazuh-dashboard.html', '/user-manual/wazuh-dashboard/settings.html', + '/migration-guide/creating/index.html', + '/migration-guide/creating/wazuh-agent.html', + '/migration-guide/creating/wazuh-central-components.html', + '/migration-guide/restoring/index.html', + '/migration-guide/restoring/wazuh-agent.html', + '/migration-guide/restoring/wazuh-central-components.html', ]; /* Pages no longer available in 4.9 */ @@ -228,6 +269,15 @@ removedUrls['4.9'] = [ '/user-manual/capabilities/policy-monitoring/rootcheck/rootcheck-configuration.html', '/user-manual/capabilities/policy-monitoring/rootcheck/rootcheck-faq.html', '/user-manual/capabilities/policy-monitoring/ciscat/ciscat.html', + '/migration-guide/wazuh-indexer.html', + '/migration-guide/wazuh-dashboard.html', + '/migration-guide/files-backup/index.html', + '/migration-guide/files-backup/creating/index.html', + '/migration-guide/files-backup/creating/wazuh-agent.html', + '/migration-guide/files-backup/creating/wazuh-central-components.html', + '/migration-guide/files-backup/restoring/index.html', + '/migration-guide/files-backup/restoring/wazuh-agent.html', + '/migration-guide/files-backup/restoring/wazuh-central-components.html', ]; /* *** RELEASE 4.8 ****/ diff --git a/source/migration-guide/files-backup/creating/index.rst b/source/migration-guide/creating/index.rst similarity index 100% rename from source/migration-guide/files-backup/creating/index.rst rename to source/migration-guide/creating/index.rst diff --git a/source/migration-guide/files-backup/creating/wazuh-agent.rst b/source/migration-guide/creating/wazuh-agent.rst similarity index 100% rename from source/migration-guide/files-backup/creating/wazuh-agent.rst rename to source/migration-guide/creating/wazuh-agent.rst diff --git a/source/migration-guide/files-backup/creating/wazuh-central-components.rst b/source/migration-guide/creating/wazuh-central-components.rst similarity index 100% rename from source/migration-guide/files-backup/creating/wazuh-central-components.rst rename to source/migration-guide/creating/wazuh-central-components.rst diff --git a/source/migration-guide/files-backup/index.rst b/source/migration-guide/files-backup/index.rst deleted file mode 100644 index ac62f93c30..0000000000 --- a/source/migration-guide/files-backup/index.rst +++ /dev/null @@ -1,18 +0,0 @@ -.. Copyright (C) 2015, Wazuh, Inc. - -.. meta:: - :description: Learn how to keep a backup of key files of your Wazuh installation. - -Wazuh files backup -================== - -In this section you can find instructions on how to create and restore a backup of your Wazuh installation. - -To do this backup, you copy key files to a folder preserving file permissions, ownership, and path. Later, you can move this folder contents back to the corresponding location to restore your Wazuh data, certificates, and configurations. Backing up Wazuh files is useful in cases such as moving your Wazuh installation to another system. - -.. toctree:: - :maxdepth: 2 - - creating/index - restoring/index - diff --git a/source/migration-guide/index.rst b/source/migration-guide/index.rst index a87515b4eb..0714359b16 100644 --- a/source/migration-guide/index.rst +++ b/source/migration-guide/index.rst @@ -1,20 +1,18 @@ .. Copyright (C) 2015, Wazuh, Inc. - -.. meta:: - :description: Learn how to migrate from Open Distro for Elasticsearch to the Wazuh indexer and Wazuh dashboard. This guide gives instructions to perform the migration. -Migration guide -================ +.. meta:: + :description: Learn how to keep a backup of key files of your Wazuh installation. -From Wazuh 4.0.0 to Wazuh 4.2.7, the default Wazuh installation included the Wazuh server and `Open Distro for Elasticsearch `_, a project that is now archived and has been succeeded by OpenSearch. This guide includes instructions to migrate from Open Distro for Elasticsearch to the :doc:`Wazuh indexer ` and :doc:`Wazuh dashboard `, the new components introduced in Wazuh 4.3.0. +Backup guide +============ -- :doc:`Migrating to the Wazuh indexer `: Follow this section to migrate from Open Distro for Elasticsearch 1.13 to the Wazuh indexer. This new component consists of a distribution of `Opensearch `_ with additional tools that Wazuh has created to assist with the installation and configuration of the search engine. +In this section you can find instructions on how to create and restore a backup of your Wazuh installation. -- :doc:`Migrating to the Wazuh dashboard `: This section will guide you through the migration from Open Distro for Elasticsearch Kibana 1.13 to the Wazuh dashboard. This new web interface for the Wazuh platform is a customized `OpenSearch Dashboards `_ distribution that includes different sections, visualizations and tools to manage the Wazuh indexer information and the Wazuh Server. +To do this backup, you copy key files to a folder preserving file permissions, ownership, and path. Later, you can move this folder contents back to the corresponding location to restore your Wazuh data, certificates, and configurations. Backing up Wazuh files is useful in cases such as moving your Wazuh installation to another system. .. toctree:: - :hidden: + :maxdepth: 2 + + creating/index + restoring/index - wazuh-indexer - wazuh-dashboard - files-backup/index diff --git a/source/migration-guide/files-backup/restoring/index.rst b/source/migration-guide/restoring/index.rst similarity index 100% rename from source/migration-guide/files-backup/restoring/index.rst rename to source/migration-guide/restoring/index.rst diff --git a/source/migration-guide/files-backup/restoring/wazuh-agent.rst b/source/migration-guide/restoring/wazuh-agent.rst similarity index 98% rename from source/migration-guide/files-backup/restoring/wazuh-agent.rst rename to source/migration-guide/restoring/wazuh-agent.rst index 8d3adc90b5..348ec0f464 100644 --- a/source/migration-guide/files-backup/restoring/wazuh-agent.rst +++ b/source/migration-guide/restoring/wazuh-agent.rst @@ -20,7 +20,7 @@ You need to have a new installation of the Wazuh agent on a Linux endpoint. Foll Preparing the data restoration ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ -#. Compress the files generated after performing the :doc:`Wazuh files backup ` and transfer them to the respective monitored endpoints. +#. Compress the files generated after performing the :doc:`Wazuh files backup ` and transfer them to the respective monitored endpoints. .. code-block:: console diff --git a/source/migration-guide/files-backup/restoring/wazuh-central-components.rst b/source/migration-guide/restoring/wazuh-central-components.rst similarity index 100% rename from source/migration-guide/files-backup/restoring/wazuh-central-components.rst rename to source/migration-guide/restoring/wazuh-central-components.rst diff --git a/source/migration-guide/wazuh-dashboard.rst b/source/migration-guide/wazuh-dashboard.rst deleted file mode 100644 index 0569718106..0000000000 --- a/source/migration-guide/wazuh-dashboard.rst +++ /dev/null @@ -1,141 +0,0 @@ -.. Copyright (C) 2015, Wazuh, Inc. - -.. meta:: - :description: Follow this guide to migrate from Open Distro for Elasticsearch Kibana to the Wazuh dashboard. - -.. _migration_guide_dashboard: - -Migrating to the Wazuh dashboard -================================ - -Follow this guide to migrate from Open Distro for Elasticsearch Kibana 1.13 to the Wazuh dashboard. These instructions are intended for a standard Wazuh installation, you may need to make some changes to adapt them to your environment. - -To guarantee a correct operation of Wazuh, make sure to also migrate from Open Distro for Elasticsearch to the Wazuh indexer. To learn more, see the :doc:`Migrating to the Wazuh indexer ` documentation. - -.. note:: You need root user privileges to run all the commands described below. - -#. Stop the Kibana service. - - .. tabs:: - - .. group-tab:: Systemd - - .. code-block:: console - - # systemctl stop kibana - - .. group-tab:: SysV init - - .. code-block:: console - - # service kibana stop - -#. Add the Wazuh repository. You can skip this step if the repository is already present and enabled on your server. - - .. tabs:: - - - .. group-tab:: Yum - - - .. include:: /_templates/installations/common/yum/add-repository.rst - - - - .. group-tab:: APT - - - .. include:: /_templates/installations/common/deb/add-repository.rst - - - -#. Install the Wazuh dashboard package. - - .. tabs:: - - .. group-tab:: Yum - - .. code-block:: console - - # yum -y install wazuh-dashboard|WAZUH_DASHBOARD_RPM_PKG_INSTALL| - - .. group-tab:: APT - - .. code-block:: console - - # apt-get -y install wazuh-dashboard|WAZUH_DASHBOARD_DEB_PKG_INSTALL| - - .. note:: - - Make sure that your Wazuh manager is updated to the latest version. To learn more, see :ref:`upgrading_wazuh_server`. - -#. Create the ``/etc/wazuh-dashboard/certs`` directory, copy your old certificates to the new location and change ownership and permissions. - - .. code-block:: console - - # mkdir /etc/wazuh-dashboard/certs - # cp /etc/kibana/certs/kibana.pem /etc/wazuh-dashboard/certs/dashboard.pem - # cp /etc/kibana/certs/kibana-key.pem /etc/wazuh-dashboard/certs/dashboard-key.pem - # cp /etc/kibana/certs/root-ca.pem /etc/wazuh-dashboard/certs/root-ca.pem - # chmod 500 /etc/wazuh-dashboard/certs - # chmod 400 /etc/wazuh-dashboard/certs/* - # chown -R wazuh-dashboard:wazuh-dashboard /etc/wazuh-dashboard/certs - -#. Port your settings from ``/etc/kibana/kibana.yml`` to the ``/etc/wazuh-dashboard/opensearch_dashboards.yml`` file. You can omit the ``opensearch.username`` and the ``opensearch.password`` settings as they are now stored in the Wazuh dashboard keystore. - - .. code-block:: yaml - :emphasize-lines: 1,3 - - server.host: 0.0.0.0 - server.port: 443 - opensearch.hosts: https://localhost:9200 - opensearch.ssl.verificationMode: certificate - #opensearch.username: - #opensearch.password: - opensearch.requestHeadersAllowlist: ["securitytenant","Authorization"] - opensearch_security.multitenancy.enabled: false - opensearch_security.readonly_mode.roles: ["kibana_read_only"] - server.ssl.enabled: true - server.ssl.key: "/etc/wazuh-dashboard/certs/dashboard-key.pem" - server.ssl.certificate: "/etc/wazuh-dashboard/certs/dashboard.pem" - opensearch.ssl.certificateAuthorities: ["/etc/wazuh-dashboard/certs/root-ca.pem"] - uiSettings.overrides.defaultRoute: /app/wz-home - -#. Add the password of the ``kibanaserver`` user to the Wazuh dashboard keystore. Execute the command below and follow the instructions. You may find your old password in the ``/etc/kibana/kibana.yml`` configuration file. - - .. code-block:: console - - /usr/share/wazuh-dashboard/bin/opensearch-dashboards-keystore --allow-root add opensearch.password - - **Optional action** - To change the default user, run the following command. You will need to change the password accordingly. - - .. code-block:: console - - /usr/share/wazuh-dashboard/bin/opensearch-dashboards-keystore --allow-root add opensearch.username - - -#. Enable and start the Wazuh dashboard service. - - .. include:: /_templates/installations/dashboard/enable_dashboard.rst - - -#. Port your settings from ``/usr/share/kibana/data/wazuh/config/wazuh.yml`` to ``/usr/share/wazuh-dashboard/data/wazuh/config/wazuh.yml``. It is recommended to copy the content from ``/usr/share/kibana/data/wazuh/downloads/`` as well. - -#. Access the Wazuh web interface at ``https://`` with your credentials and make sure that everything is working as expected. - -#. Uninstall Kibana. - - .. tabs:: - - - .. group-tab:: Yum - - - .. include:: /_templates/installations/elastic/yum/uninstall_kibana.rst - - - - .. group-tab:: APT - - - .. include:: /_templates/installations/elastic/deb/uninstall_kibana.rst diff --git a/source/migration-guide/wazuh-indexer.rst b/source/migration-guide/wazuh-indexer.rst deleted file mode 100644 index dce782d1d7..0000000000 --- a/source/migration-guide/wazuh-indexer.rst +++ /dev/null @@ -1,210 +0,0 @@ -.. Copyright (C) 2015, Wazuh, Inc. - -.. meta:: - :description: Follow this guide to migrate from Open Distro for Elasticsearch to the Wazuh indexer. - -.. _migration_guide_indexer: - -Migrating to the Wazuh indexer -============================== - -Follow this guide to migrate from Open Distro for Elasticsearch 1.13 to the Wazuh indexer. These instructions are intended for a standard Wazuh installation, you may need to make some changes to adapt them to your environment. - -.. note:: You need root user privileges to run all the commands described below. - -#. Disable shard allocation to prevent Elasticsearch from replicating shards as you shut down nodes. Replace ```` with your Elasticsearch IP address or hostname, and ``:`` with your Elasticsearch username and password. - - .. code-block:: console - - curl -X PUT "https://:9200/_cluster/settings" -u : -k -H 'Content-Type: application/json' -d' - { - "persistent": { - "cluster.routing.allocation.enable": "primaries" - } - } - ' - -#. Stop indexing, and perform a flush: indexing/searching should be stopped and _flush can be used to permanently store information into the index which will prevent any data loss during the upgrade. - - .. code-block:: console - - curl -X POST "https://:9200/_flush/synced" -u : -k - -#. Stop Filebeat. - - .. include:: /_templates/installations/basic/elastic/common/stop_filebeat.rst - -#. Shutdown Elasticsearch. For distributed deployments, you can shut down a single node at a time: first data nodes and later master nodes. - - .. include:: /_templates/installations/basic/elastic/common/stop_elasticsearch.rst - -#. Add the Wazuh repository. You can skip this step if the repository is already present and enabled on your server. - - .. tabs:: - - - .. group-tab:: Yum - - - .. include:: /_templates/installations/common/yum/add-repository.rst - - - - .. group-tab:: APT - - - .. include:: /_templates/installations/common/deb/add-repository.rst - - - - -#. Install the Wazuh indexer. - - .. tabs:: - - .. group-tab:: Yum - - .. code-block:: console - - # yum -y install wazuh-indexer|WAZUH_INDEXER_RPM_PKG_INSTALL| - - .. group-tab:: APT - - .. code-block:: console - - # apt-get -y install wazuh-indexer|WAZUH_INDEXER_DEB_PKG_INSTALL| - -#. Create the ``/etc/wazuh-indexer/certs`` directory, copy your old certificates to the new location and change ownership and permissions. Note that the ``admin.pem`` and ``admin-key.pem`` certificates do not exist on every Elasticsearch node. - - .. code-block:: console - - # mkdir /etc/wazuh-indexer/certs - # cp /etc/elasticsearch/certs/elasticsearch-key.pem /etc/wazuh-indexer/certs/indexer-key.pem - # cp /etc/elasticsearch/certs/elasticsearch.pem /etc/wazuh-indexer/certs/indexer.pem - # cp /etc/elasticsearch/certs/admin.pem /etc/wazuh-indexer/certs/admin.pem - # cp /etc/elasticsearch/certs/admin-key.pem /etc/wazuh-indexer/certs/admin-key.pem - # cp /etc/elasticsearch/certs/root-ca.pem /etc/wazuh-indexer/certs/root-ca.pem - # chown -R wazuh-indexer:wazuh-indexer /etc/wazuh-indexer/certs/ - # chmod 500 /etc/wazuh-indexer/certs/ - # chmod 400 /etc/wazuh-indexer/certs/* - - -#. Move or copy your data to the new directories and change ownership. - - .. code-block:: console - - # rm -rf /var/lib/wazuh-indexer/ /var/log/wazuh-indexer/ - # mv /var/lib/elasticsearch/ /var/lib/wazuh-indexer/ - # mv /var/log/elasticsearch/ /var/log/wazuh-indexer/ - # chown wazuh-indexer:wazuh-indexer -R /var/log/wazuh-indexer/ - # chown wazuh-indexer:wazuh-indexer -R /var/lib/wazuh-indexer/ - - .. note:: - - If you have the Open Distro for Elasticsearch performance analyzer plugin installed, change the ownership of the ``/dev/shm/performanceanalyzer/`` directory by running the following command: ``chown wazuh-indexer:wazuh-indexer -R /dev/shm/performanceanalyzer/``. - -#. Port your settings from ``/etc/elasticsearch/elasticsearch.yml`` to ``/etc/wazuh-indexer/opensearch.yml``. Most settings use the same names. - - Take into account the following considerations: - - #. At a minimum, specify ``cluster.name``, ``node.name``, ``discovery.seed_hosts``, and ``cluster.initial_master_nodes``. - - #. Editing the ``path.data`` and the ``path.logs`` settings is not needed. The old data has been moved to the default Wazuh indexer paths in the previous step. - - #. Editing the certificates names and paths is not needed. The old certificates have been moved and renamed in a previous step. - - #. If you were using the default Wazuh certificates, change the Organizational Unit (OU) from ``Wazuh`` to ``Docu``. - - .. code-block:: yaml - :emphasize-lines: 2,6 - - plugins.security.authcz.admin_dn: - - "CN=admin,OU=Docu,O=Wazuh,L=California,C=US" - plugins.security.check_snapshot_restore_write_privileges: true - plugins.security.enable_snapshot_restore_privilege: true - plugins.security.nodes_dn: - - "CN=node-1,OU=Docu,O=Wazuh,L=California,C=US" - #- "CN=node-2,OU=Wazuh,O=Wazuh,L=California,C=US" - #- "CN=node-3,OU=Wazuh,O=Wazuh,L=California,C=US" - -#. **Optional**. Port any custom configurations, for example, the ``-Xms`` and ``-Xmx`` settings, from ``/etc/elasticsearch/jvm.options`` to ``/etc/wazuh-indexer/jvm.options``. - -#. Enable and start the Wazuh indexer. - - .. include:: /_templates/installations/indexer/common/enable_indexer.rst - -#. For multi-node deployments, repeat steps 4–10 until the upgrade is performed on all the nodes. - -#. Once all the nodes have been upgraded, restart Filebeat. - - .. include:: /_templates/common/restart_filebeat.rst - -#. Run the following command to verify that the communication between Filebeat and the Wazuh indexer is working as expected. - - .. code-block:: console - - # filebeat test output - - .. code-block:: none - :class: output - - elasticsearch: https://127.0.0.1:9200... - parse url... OK - connection... - parse host... OK - dns lookup... OK - addresses: 127.0.0.1 - dial up... OK - TLS... - security: server's certificate chain verification is enabled - handshake... OK - TLS version: TLSv1.3 - dial up... OK - talk to server... OK - version: 7.10.2 - -#. Monitor the health of the cluster as follows. Replace ```` with your Wazuh indexer IP address or hostname, and ``:`` with your Elasticsearch username and password. - - - .. code-block:: console - - curl -X GET "https://:9200/_cluster/health?pretty" -u : -k - -#. Re-enable shard allocation. - - .. code-block:: console - - curl -X PUT "https://:9200/_cluster/settings" -u : -k -H 'Content-Type: application/json' -d' - { - "persistent": { - "cluster.routing.allocation.enable": null - } - } - ' - -#. Verify that the indexed data in Open Distro is now searchable and indexable in the Wazuh indexer. You may enter the web interface, search for old data and verify that new alerts are coming in. - - -#. Uninstall Open Distro for Elasticsearch on all nodes. - - - .. tabs:: - - - .. group-tab:: Yum - - - .. include:: /_templates/installations/elastic/yum/uninstall_elasticsearch.rst - - - - .. group-tab:: APT - - - .. include:: /_templates/installations/elastic/deb/uninstall_elasticsearch.rst - - -Next steps ----------- - -Your cluster is now updated. To guarantee a correct operation of Wazuh, make sure to also migrate from Kibana to the Wazuh dashboard. To learn more, see the :doc:`wazuh-dashboard` section. diff --git a/source/upgrade-guide/upgrading-central-components.rst b/source/upgrade-guide/upgrading-central-components.rst index 5901136ad8..886119b5a9 100644 --- a/source/upgrade-guide/upgrading-central-components.rst +++ b/source/upgrade-guide/upgrading-central-components.rst @@ -6,7 +6,7 @@ Wazuh central components ======================== -This section guides you through the upgrade process of the Wazuh indexer, the Wazuh server, and the Wazuh dashboard. To migrate from Open Distro for Elasticsearch 1.13 to the Wazuh indexer and dashboard components, read the corresponding :doc:`/migration-guide/wazuh-indexer` and :doc:`/migration-guide/wazuh-dashboard` sections. +This section guides you through the upgrade process of the Wazuh indexer, the Wazuh server, and the Wazuh dashboard. .. note:: You need root user privileges to run all the commands described below. From 789443e9e501764b9480bac026fd85c1f7183066 Mon Sep 17 00:00:00 2001 From: Javier Medeot Date: Thu, 26 Sep 2024 17:11:33 -0300 Subject: [PATCH 09/21] Change titles --- .../malware-detection/virus-total-integration.rst | 2 +- source/user-manual/manager/integration-with-external-apis.rst | 4 ++-- source/user-manual/manager/wazuh-server-queue.rst | 2 +- 3 files changed, 4 insertions(+), 4 deletions(-) diff --git a/source/user-manual/capabilities/malware-detection/virus-total-integration.rst b/source/user-manual/capabilities/malware-detection/virus-total-integration.rst index c697fbf43b..3b42b0a27d 100644 --- a/source/user-manual/capabilities/malware-detection/virus-total-integration.rst +++ b/source/user-manual/capabilities/malware-detection/virus-total-integration.rst @@ -66,7 +66,7 @@ Use case: Scanning a file Getting started ^^^^^^^^^^^^^^^ -Follow the instructions from :doc:`Integration with external APIs ` to enable the Integrator module and configure the VirusTotal integration. +Follow the instructions from :doc:`/user-manual/manager/integration-with-external-apis` to enable the Integrator module and configure the VirusTotal integration. Below is an example of settings you must add to the ``/var/ossec/etc/ossec.conf`` file on the Wazuh server: diff --git a/source/user-manual/manager/integration-with-external-apis.rst b/source/user-manual/manager/integration-with-external-apis.rst index 7cc2e7fec6..102dbfd4a6 100644 --- a/source/user-manual/manager/integration-with-external-apis.rst +++ b/source/user-manual/manager/integration-with-external-apis.rst @@ -3,8 +3,8 @@ .. meta:: :description: The Wazuh Integrator module allows Wazuh to connect to external APIs and alerting tools. Learn more in this section of the documentation. -Integration with external APIs -============================== +External API integration +======================== The Wazuh Integrator module allows Wazuh to connect to external APIs and alerting tools such as `Slack`_, `PagerDuty`_, `VirusTotal`_, `Shuffle`_, and `Maltiverse`_. You can also configure the Integrator module to connect to other software. These integrations empower security administrators to enhance orchestration, automate responses, and fortify their defenses against cyber threats. diff --git a/source/user-manual/manager/wazuh-server-queue.rst b/source/user-manual/manager/wazuh-server-queue.rst index 68a0e70b1c..f2571b28dd 100644 --- a/source/user-manual/manager/wazuh-server-queue.rst +++ b/source/user-manual/manager/wazuh-server-queue.rst @@ -3,7 +3,7 @@ .. meta:: :description: The Wazuh server includes a queue mechanism that streamlines the collection of events from monitored endpoints. Learn more in this section of the documentation. -Wazuh server queue +Queuing mechanisms ================== The Wazuh server includes a queue mechanism that streamlines the collection of events from monitored endpoints. It ensures continuous data flow from the Wazuh agents, syslog endpoints, and agentless devices to the Wazuh server thereby preventing event flooding. The Wazuh server queue utilizes the First In, First Out (FIFO) methodology; therefore, the first queued event is the first to be removed from the queue and processed. It is based on distributed processing, allowing for the parallelization of log analysis tasks. This improves the scalability and performance of the log processing pipeline enabling Wazuh to handle large volumes of log data effectively. From 7b420cd42d4bd8a14a9d6b089db9cca0119536d1 Mon Sep 17 00:00:00 2001 From: Javier Medeot Date: Fri, 27 Sep 2024 09:22:17 -0300 Subject: [PATCH 10/21] Add changes from review --- source/upgrade-guide/upgrading-central-components.rst | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/source/upgrade-guide/upgrading-central-components.rst b/source/upgrade-guide/upgrading-central-components.rst index 464dac19b7..788aaad7af 100644 --- a/source/upgrade-guide/upgrading-central-components.rst +++ b/source/upgrade-guide/upgrading-central-components.rst @@ -64,9 +64,7 @@ Upgrading the Wazuh indexer The cluster remains available throughout the upgrading process in a Wazuh indexer cluster with multiple nodes. This rolling upgrade allows for the shutting down of one Wazuh indexer node at a time for minimal disruption of service. -Replace ````, ````, and ```` before running any command below. - -Repeat the following steps for every Wazuh indexer node. +Repeat the following steps for every Wazuh indexer node replacing ````, ````, and ````. #. Disable shard allocation. From 9d7d4ca0c2371b90c670ef63184986ae216a4ca7 Mon Sep 17 00:00:00 2001 From: Javier Medeot Date: Fri, 27 Sep 2024 09:59:04 -0300 Subject: [PATCH 11/21] Update 4.9.1 documentation changelog --- CHANGELOG.md | 2 ++ 1 file changed, 2 insertions(+) diff --git a/CHANGELOG.md b/CHANGELOG.md index cee5894625..4f81a44467 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,6 +8,7 @@ All notable changes to this project will be documented in this file. - Added dependency requirements to the offline installation guide. ([#7755](https://github.com/wazuh/wazuh-documentation/pull/7755)) - Added `SECURITY.md` to the Wazuh documentation repository. ([#7764](https://github.com/wazuh/wazuh-documentation/pull/7764)) - Added support for Python 3.12 in configuration steps. ([#7673](https://github.com/wazuh/wazuh-documentation/pull/7673)) +- Added ARM64 Wazuh Manager package references to the package list. ([#7806](https://github.com/wazuh/wazuh-documentation/pull/7806)) ### Changed @@ -23,6 +24,7 @@ All notable changes to this project will be documented in this file. ### Removed - Removed the command to delete `opensearch_dashboards.yml` in the *Upgrading the Wazuh dashboard* section. ([#7777](https://github.com/wazuh/wazuh-documentation/pull/7777)) +- Removed the step to delete ss4o index templates in *Upgrading the Wazuh indexer*. ([#7810](https://github.com/wazuh/wazuh-documentation/pull/7810)) ## [v4.9.0] From 66bbeb0b453681d6663e22f63a892c96968f3ac3 Mon Sep 17 00:00:00 2001 From: Javier Medeot Date: Fri, 27 Sep 2024 10:21:34 -0300 Subject: [PATCH 12/21] Update 4.9.1 documentation changelog --- CHANGELOG.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/CHANGELOG.md b/CHANGELOG.md index 4f81a44467..197d7cad87 100644 --- a/CHANGELOG.md +++ b/CHANGELOG.md @@ -8,7 +8,7 @@ All notable changes to this project will be documented in this file. - Added dependency requirements to the offline installation guide. ([#7755](https://github.com/wazuh/wazuh-documentation/pull/7755)) - Added `SECURITY.md` to the Wazuh documentation repository. ([#7764](https://github.com/wazuh/wazuh-documentation/pull/7764)) - Added support for Python 3.12 in configuration steps. ([#7673](https://github.com/wazuh/wazuh-documentation/pull/7673)) -- Added ARM64 Wazuh Manager package references to the package list. ([#7806](https://github.com/wazuh/wazuh-documentation/pull/7806)) +- Added ARM64 Wazuh manager package references to Packages list. ([#7806](https://github.com/wazuh/wazuh-documentation/pull/7806)) ### Changed From ca061ce2799a02a23bb90fd8a9169112e631051f Mon Sep 17 00:00:00 2001 From: Federico Rodriguez Date: Fri, 27 Sep 2024 15:36:35 +0200 Subject: [PATCH 13/21] Add SSO section to upgrade troubleshooting guide --- source/upgrade-guide/troubleshooting.rst | 11 +++++++++++ 1 file changed, 11 insertions(+) diff --git a/source/upgrade-guide/troubleshooting.rst b/source/upgrade-guide/troubleshooting.rst index c5ce10e634..7b5565e8bb 100644 --- a/source/upgrade-guide/troubleshooting.rst +++ b/source/upgrade-guide/troubleshooting.rst @@ -59,6 +59,17 @@ If you encounter the message *Application Not Found* when accessing the Wazuh da uiSettings.overrides.defaultRoute: /app/wz-home +SSO when upgrading from Wazuh v4.8.2 and earlier +------------------------------------------------ + +If you are upgrading from Wazuh v4.8.2 or earlier to v4.9.0 or later, the value of the ``exchange_key`` in the ``/etc/wazuh-indexer/opensearch-security/config.yml`` file may need to be updated. + +In previous versions (v4.8.0 and earlier), the ``exchange_key`` was set by copying the X.509 Certificate blob, excluding the ``-----BEGIN CERTIFICATE-----`` and ``-----END CERTIFICATE-----`` lines. + +Starting with v4.9.0, the ``exchange_key`` must be a 64-character random alphanumeric string. + +Please review the relevant documentation, as our SSO guides have been updated. Particularly the first step of the wazuh-indexer configuration. (:doc:`Okta `, :doc:`Microsoft Entra ID `, :doc:`PingOne `, :doc:`Google `, :doc:`Jumpcloud `, :doc:`OneLogin `, :doc:`Keycloack `) + None of the above solutions are fixing my problem ------------------------------------------------- From 5d7d86382ddf8d2891fe7505251ec2486be2f117 Mon Sep 17 00:00:00 2001 From: Federico Rodriguez Date: Fri, 27 Sep 2024 15:47:50 +0200 Subject: [PATCH 14/21] Remove the certificate blob copy instruction --- .../single-sign-on/administrator/okta.rst | 7 ------- .../user-administration/single-sign-on/read-only/okta.rst | 7 ------- 2 files changed, 14 deletions(-) diff --git a/source/user-manual/user-administration/single-sign-on/administrator/okta.rst b/source/user-manual/user-administration/single-sign-on/administrator/okta.rst index 47bf95aea9..29ad270f17 100644 --- a/source/user-manual/user-administration/single-sign-on/administrator/okta.rst +++ b/source/user-manual/user-administration/single-sign-on/administrator/okta.rst @@ -136,13 +136,6 @@ Okta Configuration Now, on the same page, click on **View SAML setup instructions**. Copy the **Identity Provider Issuer URL**, it will be the ``idp.entity_id``. - Copy the blob of the **X.509 Certificate** excluding the ``-----BEGIN CERTIFICATE-----`` and ``-----END CERTIFICATE-----`` lines. This will be used as the ``exchange_key``: - - .. thumbnail:: /images/single-sign-on/okta/14-navigate-to-applications.png - :title: Navigate to Applications - Applications - - Sign On - :align: center - :width: 80% - This information can also be found in the metadata XML file. Wazuh indexer configuration diff --git a/source/user-manual/user-administration/single-sign-on/read-only/okta.rst b/source/user-manual/user-administration/single-sign-on/read-only/okta.rst index 37b18a8261..c80d5b58cd 100644 --- a/source/user-manual/user-administration/single-sign-on/read-only/okta.rst +++ b/source/user-manual/user-administration/single-sign-on/read-only/okta.rst @@ -136,13 +136,6 @@ Okta Configuration Now, on the same page, click on **View SAML setup instructions**. Copy the **Identity Provider Issuer URL**, it will be the ``idp.entity_id``. - Copy the blob of the **X.509 Certificate** excluding the ``-----BEGIN CERTIFICATE-----`` and ``-----END CERTIFICATE-----`` lines. This will be used as the ``exchange_key``: - - .. thumbnail:: /images/single-sign-on/okta/read-only/14-navigate-to-applications-RO.png - :title: Navigate to Applications - Applications - - Sign On - :align: center - :width: 80% - This information can also be found in the metadata XML file. Wazuh indexer configuration From 054df25023bfd3663feac8d30c962c3d421f2d94 Mon Sep 17 00:00:00 2001 From: Javier Medeot Date: Fri, 27 Sep 2024 11:05:23 -0300 Subject: [PATCH 15/21] Update 4.9.1 release notes --- source/release-notes/release-4-9-1.rst | 41 +++++++++++++++++++++++++- 1 file changed, 40 insertions(+), 1 deletion(-) diff --git a/source/release-notes/release-4-9-1.rst b/source/release-notes/release-4-9-1.rst index b424c53098..2ee675dba3 100644 --- a/source/release-notes/release-4-9-1.rst +++ b/source/release-notes/release-4-9-1.rst @@ -13,6 +13,16 @@ What's new This release includes new features or enhancements as the following: +Wazuh manager +^^^^^^^^^^^^^ + +- `#24110 `__ Improved provisioning method for *wazuh-keystore* to enhance security. + +Wazuh agent +^^^^^^^^^^^ + +- `#25652 `__ Added support for macOS 15 "Sequoia" in Wazuh Agent. + Wazuh dashboard ^^^^^^^^^^^^^^^ @@ -25,6 +35,7 @@ Wazuh dashboard - `#6982 `__ Upgraded the ``follow-redirects`` dependency to ``1.15.6``. - `#6956 `__ Changed many loading spinners in some views to loading search progress. - `#6999 `__ Removed the XML autoformat function group configuration due to performance issues. +- `#7023 `__ Removed the PDF report footer year. Packages ^^^^^^^^ @@ -34,13 +45,38 @@ Packages - `#3118 `__ Changed Filebeat passwords only when installing Wazuh Server or changing passwords. - `#3119 `__ Updated ``SECURITY.md`` format. - `#3121 `__ Added stage parameter in ``bump_version`` script. -- `#3124 `__ Replaced source branch in Installation Assistant. Resolved issues --------------- This release resolves known issues as the following: +Wazuh manager +^^^^^^^^^^^^^ + +- `#24909 `__ Fixed vulnerability detector issue where RPM upgrade wouldn't download new content. +- `#25667 `__ Fixed uncaught exception at Keystore test tool. +- `#25705 `__ Replaced ``eval`` calls with ``ast.literal_eval``. + +Wazuh agent +^^^^^^^^^^^ + +- `#24910 `__ Fixed agent crash on Windows version 4.8.0. +- `#25209 `__ Fixed data race conditions at FIM's ``run_check``. +- `#24376 `__ Fixed Windows agent crashes related to ``syscollector.dll``. +- `#25445 `__ Fixed errors related to the ``libatomic.a`` library on AIX 7.X. +- `#24932 `__ Fixed errors in Windows Agent where ``EvtFormatMessage`` returned errors 15027 and 15033. +- `#25459 `__ Fixed FIM issue where it couldn't fetch group entries longer than 1024 bytes. +- `#25469 `__ Fixed Wazuh Agent crash at ``syscollector``. +- `#23528 `__ Fixed a bug in the processed dates in the AWS module related to the AWS Config type. +- `#24694 `__ Fixed an error in Custom Logs Buckets when parsing a CSV file that exceeds a certain size. + +RESTful API +^^^^^^^^^^^ + +- `#25764 `__ Fixed requests logging to obtain the ``hash_auth_context`` from JWT tokens. +- `#25216 `__ Enabled API to listen to both IPv4 and IPv6 stacks. + Wazuh dashboard ^^^^^^^^^^^^^^^ @@ -54,6 +90,9 @@ Wazuh dashboard - `#6983 `__ Fixed missing options depending on agent operating system in the agent configuration report. - `#6989 `__ Fixed a style issue that affected the **Discover** plugin. - `#6995 `__ Fixed a problem updating the API host registry in the ``GET /api/check-stored-api``. +- `#7019 `__ Fixed the **Open report** button on the toast and the **Download report** icon in the reporting table in Safari. +- `#7015 `__ Fixed style issue when unpinning an agent in the endpoint summary section. +- `#7021 `__ Fixed overflow style on a long value filter. Packages ^^^^^^^^ From 84ac98654ef50674018582ad9a4f5d2eb7977448 Mon Sep 17 00:00:00 2001 From: Javier Medeot Date: Fri, 27 Sep 2024 16:10:32 -0300 Subject: [PATCH 16/21] Add changes from review --- source/upgrade-guide/troubleshooting.rst | 12 +++++------- 1 file changed, 5 insertions(+), 7 deletions(-) diff --git a/source/upgrade-guide/troubleshooting.rst b/source/upgrade-guide/troubleshooting.rst index 7b5565e8bb..8a6eaa4557 100644 --- a/source/upgrade-guide/troubleshooting.rst +++ b/source/upgrade-guide/troubleshooting.rst @@ -59,16 +59,14 @@ If you encounter the message *Application Not Found* when accessing the Wazuh da uiSettings.overrides.defaultRoute: /app/wz-home -SSO when upgrading from Wazuh v4.8.2 and earlier ------------------------------------------------- +SSO issue when upgrading from Wazuh 4.8 and earlier +------------------------------------------------------ -If you are upgrading from Wazuh v4.8.2 or earlier to v4.9.0 or later, the value of the ``exchange_key`` in the ``/etc/wazuh-indexer/opensearch-security/config.yml`` file may need to be updated. +If you are upgrading from Wazuh 4.8 and earlier, you must update the value of ``exchange_key`` in the ``/etc/wazuh-indexer/opensearch-security/config.yml`` file. -In previous versions (v4.8.0 and earlier), the ``exchange_key`` was set by copying the X.509 Certificate blob, excluding the ``-----BEGIN CERTIFICATE-----`` and ``-----END CERTIFICATE-----`` lines. +In previous versions, ``exchange_key`` was set by copying the X.509 Certificate blob, excluding the ``-----BEGIN CERTIFICATE-----`` and ``-----END CERTIFICATE-----`` lines. -Starting with v4.9.0, the ``exchange_key`` must be a 64-character random alphanumeric string. - -Please review the relevant documentation, as our SSO guides have been updated. Particularly the first step of the wazuh-indexer configuration. (:doc:`Okta `, :doc:`Microsoft Entra ID `, :doc:`PingOne `, :doc:`Google `, :doc:`Jumpcloud `, :doc:`OneLogin `, :doc:`Keycloack `) +Starting with Wazuh 4.9.0, ``exchange_key`` must be a 64-character random alphanumeric string. Refer to the the first step of the *Wazuh indexer configuration* in the :doc:`Single sign-on ` guides, such as :doc:`Okta `, :doc:`Microsoft Entra ID `, :doc:`PingOne `, :doc:`Google `, :doc:`Jumpcloud `, :doc:`OneLogin `, and :doc:`Keycloack `. None of the above solutions are fixing my problem ------------------------------------------------- From 9998f36f4f294ce7faf0cd0b739bd212ce86ad18 Mon Sep 17 00:00:00 2001 From: Javier Medeot Date: Tue, 1 Oct 2024 11:24:52 -0300 Subject: [PATCH 17/21] Update Agentless monitoring How it works section --- .../agentless-monitoring/how-it-works.rst | 23 ++++++++----------- 1 file changed, 10 insertions(+), 13 deletions(-) diff --git a/source/user-manual/capabilities/agentless-monitoring/how-it-works.rst b/source/user-manual/capabilities/agentless-monitoring/how-it-works.rst index f9b23262af..95b1599998 100644 --- a/source/user-manual/capabilities/agentless-monitoring/how-it-works.rst +++ b/source/user-manual/capabilities/agentless-monitoring/how-it-works.rst @@ -1,27 +1,24 @@ .. Copyright (C) 2015, Wazuh, Inc. .. meta:: - :description: Learn more about how the agentless monitoring of Wazuh works in this section of our documentation. - + :description: Learn more about how the agentless monitoring of Wazuh works in this section of our documentation. + How it works ============ -To monitor endpoints without an agent, Wazuh requires an SSH connection between the Wazuh server and the endpoint to be monitored. The Wazuh agentless monitoring module can perform the following actions: - -- Monitor files, directories, or configuration of an endpoint -- Run commands on an endpoint +To monitor endpoints without an agent, Wazuh requires an SSH connection between the Wazuh server and the endpoints to be monitored. These endpoints can range from network devices, such as firewalls and routers, to computers. After a connection is established between the Wazuh manager and the monitored endpoint, the Wazuh agentless monitoring module can perform the following actions: -.. _monitor-files-directories-configuration-endpoint: +.. contents:: + :local: + :depth: 1 + :backlinks: none -Monitor files, directories, or configuration of an endpoint +Monitor files, directories, or configuration of an endpoint ----------------------------------------------------------- -You can configure the Wazuh agentless monitoring module to monitor files, directories, and Cisco PIX firewall and router configurations. If there is a change to the monitored files and directories or the configuration of the firewall or router, this triggers an alert. - -.. _run-commands-endpoint: +You can configure the Wazuh agentless monitoring module to monitor files and directories on SSH-accessible endpoints and configurations of network devices such as firewalls and routers. If there is a change to the monitored files and directories or the configuration of the network devices, an alert is triggered and this can be viewed on the Wazuh dashboard. Run commands on an endpoint --------------------------- -You can specify commands to be run on the monitored endpoint, and the agentless monitoring module detects the output of these commands. When the output of executed commands changes, it detects them and triggers an alert. - +You can specify commands to be run periodically on a monitored endpoint and track their output with the Wazuh agentless monitoring module. When the output of these commands changes, the module detects the change and triggers alerts that can be viewed on the Wazuh dashboard. From 9ce316355e2187daa071c2e738f4a9b0edfc17b5 Mon Sep 17 00:00:00 2001 From: Javier Medeot Date: Fri, 4 Oct 2024 09:09:54 -0300 Subject: [PATCH 18/21] Update 4.9.1 release notes --- source/release-notes/release-4-9-1.rst | 8 ++++++++ 1 file changed, 8 insertions(+) diff --git a/source/release-notes/release-4-9-1.rst b/source/release-notes/release-4-9-1.rst index 2ee675dba3..4aa13de3ad 100644 --- a/source/release-notes/release-4-9-1.rst +++ b/source/release-notes/release-4-9-1.rst @@ -23,6 +23,11 @@ Wazuh agent - `#25652 `__ Added support for macOS 15 "Sequoia" in Wazuh Agent. +RESTful API +^^^^^^^^^^^ + +- `#26103 `__ Changed the error status code thrown when basic services are down to 500. + Wazuh dashboard ^^^^^^^^^^^^^^^ @@ -42,6 +47,7 @@ Packages - `#3111 `__ Added offline installation assistant import for the downloaded GPG Wazuh key. - `#3098 `__ Changed version to tag reference in ``source_branch`` references. +- `#3134 `__ Revert update source branch in unattended installer. - `#3118 `__ Changed Filebeat passwords only when installing Wazuh Server or changing passwords. - `#3119 `__ Updated ``SECURITY.md`` format. - `#3121 `__ Added stage parameter in ``bump_version`` script. @@ -70,6 +76,7 @@ Wazuh agent - `#25469 `__ Fixed Wazuh Agent crash at ``syscollector``. - `#23528 `__ Fixed a bug in the processed dates in the AWS module related to the AWS Config type. - `#24694 `__ Fixed an error in Custom Logs Buckets when parsing a CSV file that exceeds a certain size. +- `#26108 `__ Fixed macOS syslog and ULS not configured out-of-the-box. RESTful API ^^^^^^^^^^^ @@ -93,6 +100,7 @@ Wazuh dashboard - `#7019 `__ Fixed the **Open report** button on the toast and the **Download report** icon in the reporting table in Safari. - `#7015 `__ Fixed style issue when unpinning an agent in the endpoint summary section. - `#7021 `__ Fixed overflow style on a long value filter. +- `#7056 `__ Fixed buttons enabled for a read-only user in **Endpoint groups** section. Packages ^^^^^^^^ From 92cfcf7019f4f6b6b728bb978d72db933aa33053 Mon Sep 17 00:00:00 2001 From: Javier Medeot Date: Fri, 4 Oct 2024 15:01:25 -0300 Subject: [PATCH 19/21] Update VirusTotal terms in malware detection capability --- .../malware-detection/virus-total-integration.rst | 8 +++++--- 1 file changed, 5 insertions(+), 3 deletions(-) diff --git a/source/user-manual/capabilities/malware-detection/virus-total-integration.rst b/source/user-manual/capabilities/malware-detection/virus-total-integration.rst index 3b42b0a27d..e8cc6345e0 100644 --- a/source/user-manual/capabilities/malware-detection/virus-total-integration.rst +++ b/source/user-manual/capabilities/malware-detection/virus-total-integration.rst @@ -28,10 +28,12 @@ VirusTotal's Terms of Service specify the two ways users may use the VirusTotal Public API ^^^^^^^^^^ -This method uses a free API with many of VirusTotal's functionalities. However, it has some significant limitations, such as: +This method uses a free API with many of VirusTotal's functionalities. However, it has some `significant limitations `__, such as: -- Request rate limitations, which you can find on `VirusTotal’s website `__. -- Low priority access for requests done by this API to the VirusTotal engine. +- The Public API is limited to 500 requests per day and a rate of 4 requests per minute. +- The Public API must not be used in commercial products or services. +- The Public API must not be used in business workflows that do not contribute new files. +- You are not allowed to register multiple accounts to overcome the aforementioned limitations. Private API ^^^^^^^^^^^ From 2f303a0d9fbae341c81dac49fffd60737bc3adb8 Mon Sep 17 00:00:00 2001 From: Javier Medeot Date: Fri, 4 Oct 2024 15:35:30 -0300 Subject: [PATCH 20/21] Add changes from review --- .../your-environment/custom-dns.rst | 49 +++++++------------ 1 file changed, 19 insertions(+), 30 deletions(-) diff --git a/source/cloud-service/your-environment/custom-dns.rst b/source/cloud-service/your-environment/custom-dns.rst index f938f48b28..11f6038e6f 100644 --- a/source/cloud-service/your-environment/custom-dns.rst +++ b/source/cloud-service/your-environment/custom-dns.rst @@ -1,47 +1,36 @@ .. Copyright (C) 2015, Wazuh, Inc. .. meta:: - :description: Check out how to configure a custom domain to access an environment in Wazuh Cloud. Learn more about it in this section of the documentation. - -.. _cloud_your_environment_custom_dns: + :description: Check out how to configure a custom domain to access an environment in Wazuh Cloud. Learn more about it in this section of the documentation. Custom DNS -============= - -By default, Wazuh Cloud environments are accessed through a subdomain of `cloud.wazuh.com`. - -You can configure your environment to use your own custom domain. To do this, go to the **Wazuh Cloud Console** under the environment details page. You will be asked to provide the following: - -* **Certificate**: SSL/TLS certificate for your domain - - * Must use SHA2 +========== - * Must use RSA with key size of at least 2048-bit +By default, Wazuh Cloud environments are accessed through a subdomain of ``cloud.wazuh.com``. - * TLS Web Server Authentication is required if using EKU +You can configure your environment to use your own custom domain. To do this, go to the **Wazuh Cloud Console** under the environment details page. You need to provide the following: - * Must contain domain name in CN or SAN field(s) +- **Certificate**: SSL/TLS certificate for your domain - * Must be PEM encoded + - Must use SHA2 + - Must use RSA with key size of at least 2048 bits + - TLS Web Server Authentication is required if using EKU + - Must contain domain name in CN or SAN field(s) + - Must be PEM encoded -* **Private Key**: Associated with the provided certificate +- **Private Key**: Associated with the provided certificate - * Must not be encrypted or require a passphrase + - Must not be encrypted or require a passphrase + - Must be PEM encoded - * Must be PEM encoded +- **Certificate Chain**: Used to sign your certificate -* **Certificate Chain**: Used to sign your certificate + - Must contain all intermediate certificates in the certificate chain + - Must be signed by a trusted certificate authority + - Must be PEM encoded - * Must contain all intermediate certificates in the certificate chain - - * Must be signed by a trusted certificate authority - - * Must be PEM encoded - -After providing the above and applying the configuration, create a `CNAME` DNS record using the value provided by the **Wazuh Cloud Console**. +After providing the above and applying the configuration, create a ``CNAME`` DNS record using the value provided by the **Wazuh Cloud Console**. .. note:: - Your Wazuh Cloud environment will still be accessible through the default URL, even if you have configured a custom domain. - - + Your Wazuh Cloud environment is still accessible through the default URL, even if you have configured a custom domain. From 86d11eb54408ce730a6526d6027641a580ff586c Mon Sep 17 00:00:00 2001 From: Damian Nudelman Date: Tue, 8 Oct 2024 17:06:38 -0300 Subject: [PATCH 21/21] Remove cache configuration option and fix indentation --- source/user-manual/api/configuration.rst | 21 ++------------------- 1 file changed, 2 insertions(+), 19 deletions(-) diff --git a/source/user-manual/api/configuration.rst b/source/user-manual/api/configuration.rst index adfb81a8c9..e3292176be 100644 --- a/source/user-manual/api/configuration.rst +++ b/source/user-manual/api/configuration.rst @@ -53,10 +53,6 @@ Here are all the available settings for the ``/var/ossec/api/configuration/api.y allow_headers: "*" allow_credentials: no - cache: - enabled: yes - time: 0.750 - access: max_login_attempts: 50 block_time: 300 @@ -81,8 +77,8 @@ Here are all the available settings for the ``/var/ossec/api/configuration/api.y integrations: virustotal: public_key: - allow: yes - minimum_quota: 240 + allow: yes + minimum_quota: 240 .. warning:: @@ -235,19 +231,6 @@ cors | allow_credentials | yes, true, no, false | false | Tell browsers whether to expose the response to frontend JavaScript or not. | +-------------------+----------------------+---------------+-----------------------------------------------------------------------------------------------+ -cache -^^^^^ - -.. deprecated:: 4.8.0 - -+------------+--------------------------------------+---------------+-----------------------------------------------------------------------------------------------------------------------------+ -| Sub-fields | Allowed values | Default value | Description | -+============+======================================+===============+=============================================================================================================================+ -| enabled | yes, true, no, false | true | Enable or disable caching for certain Wazuh server API responses (currently, all :api-ref:`rules endpoints ` ) | -+------------+--------------------------------------+---------------+-----------------------------------------------------------------------------------------------------------------------------+ -| time | Any positive integer or real number | 0.75 | Time in seconds that the cache lasts before expiring. | -+------------+--------------------------------------+---------------+-----------------------------------------------------------------------------------------------------------------------------+ - .. _api_configuration_access: access