wazuh/wazuh-ansible
1
0
Fork 0
mirror of https://github.com/wazuh/wazuh-ansible.git synced 2025-12-10 00:38:17 -06:00
Code Issues Packages Projects Releases 105 Wiki Activity

Adapt Wazuh log gathering playbooks to use consistent variable naming and improve directory management.

Browse Source 
Adapt workflows to new architecture
Remove degree of dependency of inventory hostname
This commit is contained in:
Jesus Garcia 2025-11-14 14:08:31 -05:00
parent 0d6c34681f
commit fed047b297
No known key found for this signature in database
GPG Key ID: 8461CA78326C96C9
5 changed files with 92 additions and 59 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

64
.github/playbooks/gather_agent_logs.yml vendored
View File

@ -22,16 +22,20 @@
- name: Linux | Set required facts for logs gathering (2/2) - name: Linux | Set required facts for logs gathering (2/2)
ansible.builtin.set_fact: ansible.builtin.set_fact:
remote_log_file_path: "/tmp/{{ logs_prefix }}_{{ ansible_date_time.epoch }}" remote_gathering_path: "/tmp/{{ logs_prefix }}_{{ ansible_date_time.epoch }}"
- name: Linux | Remove existing Wazuh logs temporal directories - name: Linux | Remove existing Wazuh logs temporal directories
ansible.builtin.file: ansible.builtin.file:
path: "{{ remote_log_file_path }}" path: "{{ remote_gathering_path }}"
state: absent state: absent
- name: Set fact for logs directory
ansible.builtin.set_fact:
remote_logs_path: "{{ remote_gathering_path }}/logs"
- name: Linux | Create temporal directories for Wazuh logs - name: Linux | Create temporal directories for Wazuh logs
ansible.builtin.file: ansible.builtin.file:
path: "{{ remote_log_file_path }}" path: "{{ remote_logs_path }}"
state: directory state: directory
mode: '0755' mode: '0755'
@ -41,47 +45,55 @@
- name: Linux | Wazuh Agent | Fetching logs (1/3) - name: Linux | Wazuh Agent | Fetching logs (1/3)
changed_when: false changed_when: false
ansible.builtin.shell: | ansible.builtin.shell: |
journalctl -u wazuh-agent > {{ remote_log_file_path }}/{{ logs_prefix }}_journalctl.log journalctl -u wazuh-agent > {{ remote_logs_path }}/{{ logs_prefix }}_journalctl.log
- name: Linux | Wazuh Agent | Fetching logs (2/3) - name: Linux | Wazuh Agent | Fetching logs (2/3)
ansible.builtin.find: ansible.builtin.find:
paths: /var/ossec/logs paths: /var/ossec/logs
file_type: file file_type: file
register: finded_files register: wazuh_agent_logs
- name: Linux | Wazuh Agent | Fetching logs (3/3) - name: Linux | Wazuh Agent | Fetching logs (3/3)
ansible.builtin.copy: ansible.builtin.copy:
src: "{{ item.path }}" src: "{{ item.path }}"
dest: "{{ remote_log_file_path }}/{{ logs_prefix }}_{{ item.path | basename }}" dest: "{{ remote_logs_path }}/{{ logs_prefix }}_{{ item.path | basename }}"
remote_src: true remote_src: true
loop: "{{ lookup('ansible.builtin.vars', 'ansible_facts').finded_files.files }}" loop: "{{ wazuh_agent_logs.files | default([]) }}"
loop_control: loop_control:
label: "{{ item.path | basename }}" label: "{{ item.path | basename }}"
when: finded_files.files is defined and (finded_files.matched | int) > 0 when: wazuh_agent_logs.files is defined and (wazuh_agent_logs.matched | int) > 0
- name: Linux | Wazuh Agent | Fetching agent configuration - name: Linux | Wazuh Agent | Fetching agent configuration
ansible.builtin.copy: ansible.builtin.copy:
src: /var/ossec/etc/ossec.conf src: /var/ossec/etc/ossec.conf
dest: "{{ remote_log_file_path }}/{{ logs_prefix }}_ossec.conf" dest: "{{ remote_logs_path }}/{{ logs_prefix }}_ossec.conf"
remote_src: true remote_src: true
mode: '0644' mode: '0644'
- name: Linux | Compress Wazuh logs - name: Linux | Compress Wazuh logs
community.general.archive: block:
path: "{{ remote_log_file_path }}" - name: Compress Wazuh logs (archive module)
dest: "{{ remote_log_file_path }}/compressed_wazuh_agent_logs_{{ logs_prefix }}.tar.gz" community.general.archive:
format: gz path: "{{ remote_logs_path }}"
mode: '0644' dest: "{{ remote_gathering_path }}/compressed_wazuh_agent_logs_{{ logs_prefix }}.tar.gz"
format: gz
mode: '0644'
rescue:
- name: Compress Wazuh logs (tar command)
ansible.builtin.shell: |
tar -czf {{ remote_gathering_path }}/compressed_wazuh_agent_logs_{{ logs_prefix }}.tar.gz -C {{ remote_logs_path }} .
args:
creates: "{{ remote_gathering_path }}/compressed_wazuh_agent_logs_{{ logs_prefix }}.tar.gz"
- name: Linux | Copy Wazuh logs to local machine - name: Linux | Copy Wazuh logs to local machine
ansible.builtin.fetch: ansible.builtin.fetch:
src: "{{ remote_log_file_path }}/compressed_wazuh_agent_logs_{{ logs_prefix }}.tar.gz" src: "{{ remote_gathering_path }}/compressed_wazuh_agent_logs_{{ logs_prefix }}.tar.gz"
dest: "{{ local_log_file_path }}/" dest: "{{ local_log_file_path }}/"
flat: true flat: true
- name: Linux | Remove Wazuh logs temporal directory from remote machine - name: Linux | Remove Wazuh logs temporal directory from remote machine
ansible.builtin.file: ansible.builtin.file:
path: "{{ remote_log_file_path }}" path: "{{ remote_gathering_path }}"
state: absent state: absent
- name: Gather Wazuh Agent logs from Windows hosts - name: Gather Wazuh Agent logs from Windows hosts
@ -93,16 +105,16 @@
- name: Windows | Set required facts for logs gathering (2/2) - name: Windows | Set required facts for logs gathering (2/2)
ansible.builtin.set_fact: ansible.builtin.set_fact:
remote_log_file_path: "C:\\Temp\\{{ logs_prefix }}_{{ ansible_date_time.epoch }}" remote_gathering_path: "C:\\Temp\\{{ logs_prefix }}_{{ ansible_date_time.epoch }}"
- name: Windows | Remove existing Wazuh logs temporal directories - name: Windows | Remove existing Wazuh logs temporal directories
ansible.windows.win_file: ansible.windows.win_file:
path: "{{ remote_log_file_path }}" path: "{{ remote_gathering_path }}"
state: absent state: absent
- name: Windows | Create temporal directories for Wazuh logs - name: Windows | Create temporal directories for Wazuh logs
ansible.windows.win_file: ansible.windows.win_file:
path: "{{ remote_log_file_path }}" path: "{{ remote_gathering_path }}"
state: directory state: directory
- name: Windows | Wazuh Agent - name: Windows | Wazuh Agent
@ -110,7 +122,7 @@
block: block:
- name: Windows | Wazuh Agent | Fetching logs (1/3) - name: Windows | Wazuh Agent | Fetching logs (1/3)
ansible.windows.win_shell: | ansible.windows.win_shell: |
$LogPath = "{{ remote_log_file_path }}\\{{ logs_prefix }}_wevents.log"; $LogPath = "{{ remote_gathering_path }}\\{{ logs_prefix }}_wevents.log";
Get-EventLog -LogName Application | Get-EventLog -LogName Application |
Where-Object { $_.Source -eq 'Wazuh' } | Where-Object { $_.Source -eq 'Wazuh' } |
Select-Object -ExpandProperty Message | Select-Object -ExpandProperty Message |
@ -125,7 +137,7 @@
- name: Windows | Wazuh Agent | Fetching logs (3/3) - name: Windows | Wazuh Agent | Fetching logs (3/3)
ansible.windows.win_copy: ansible.windows.win_copy:
src: "{{ item.path }}" src: "{{ item.path }}"
dest: "{{ remote_log_file_path }}\\{{ logs_prefix }}_{{ item.path | basename }}" dest: "{{ remote_gathering_path }}\\{{ logs_prefix }}_{{ item.path | basename }}"
remote_src: true remote_src: true
loop: "{{ wazuh_agent_logs.files }}" loop: "{{ wazuh_agent_logs.files }}"
when: wazuh_agent_logs.files is defined and (wazuh_agent_logs.matched | int) > 0 when: wazuh_agent_logs.files is defined and (wazuh_agent_logs.matched | int) > 0
@ -133,22 +145,22 @@
- name: Windows | Wazuh Agent | Fetching agent configuration - name: Windows | Wazuh Agent | Fetching agent configuration
ansible.windows.win_copy: ansible.windows.win_copy:
src: 'C:\\Program Files (x86)\\ossec-agent\\ossec.conf' src: 'C:\\Program Files (x86)\\ossec-agent\\ossec.conf'
dest: "{{ remote_log_file_path }}\\{{ logs_prefix }}_ossec.conf" dest: "{{ remote_gathering_path }}\\{{ logs_prefix }}_ossec.conf"
remote_src: true remote_src: true
- name: Windows | Compress Wazuh logs - name: Windows | Compress Wazuh logs
ansible.windows.win_shell: | ansible.windows.win_shell: |
Compress-Archive -Path "{{ remote_log_file_path }}\\*" ` Compress-Archive -Path "{{ remote_gathering_path }}\\*" `
-DestinationPath "{{ remote_log_file_path }}\\compressed_wazuh_agent_logs_{{ logs_prefix }}.zip" ` -DestinationPath "{{ remote_gathering_path }}\\compressed_wazuh_agent_logs_{{ logs_prefix }}.zip" `
-CompressionLevel Optimal -CompressionLevel Optimal
- name: Windows | Copy Wazuh logs to local machine - name: Windows | Copy Wazuh logs to local machine
ansible.builtin.fetch: ansible.builtin.fetch:
src: "{{ remote_log_file_path }}\\compressed_wazuh_agent_logs_{{ logs_prefix }}.zip" src: "{{ remote_gathering_path }}\\compressed_wazuh_agent_logs_{{ logs_prefix }}.zip"
dest: "{{ local_log_file_path }}/" dest: "{{ local_log_file_path }}/"
flat: true flat: true
- name: Windows | Remove Wazuh logs from remote machine - name: Windows | Remove Wazuh logs from remote machine
ansible.windows.win_file: ansible.windows.win_file:
path: "{{ remote_log_file_path }}" path: "{{ remote_gathering_path }}"
state: absent state: absent

62
.github/playbooks/gather_central_logs.yml vendored
View File

@ -5,22 +5,34 @@
strategy: free strategy: free
become: true become: true
tasks: tasks:
- name: Linux | Set required facts for logs gathering (1/2) - name: Make sure local_log_file_path directory exists on local machine
delegate_to: localhost
become: false
ansible.builtin.file:
path: "{{ local_log_file_path }}"
state: directory
mode: '0755'
- name: Set required facts for logs gathering (1/2)
ansible.builtin.set_fact: ansible.builtin.set_fact:
logs_prefix: "{{ ansible_facts.distribution }}_{{ ansible_facts.distribution_major_version }}_{{ ansible_facts.architecture }}_{{ inventory_hostname }}" logs_prefix: "{{ ansible_facts.distribution }}_{{ ansible_facts.distribution_major_version }}_{{ ansible_facts.architecture }}_{{ inventory_hostname }}"
- name: Linux | Set required facts for logs gathering (2/2) - name: Set required facts for logs gathering (2/2)
ansible.builtin.set_fact: ansible.builtin.set_fact:
remote_log_file_path: "/tmp/wazuh_logs_{{ logs_prefix }}_{{ ansible_date_time.epoch }}" remote_gathering_path: "/tmp/wazuh_logs_{{ logs_prefix }}_{{ ansible_date_time.epoch }}"
- name: Remove existing Wazuh logs temporal directories - name: Remove existing Wazuh logs temporal directories
ansible.builtin.file: ansible.builtin.file:
path: "{{ remote_log_file_path }}" path: "{{ remote_gathering_path }}"
state: absent state: absent
- name: Set fact for logs directory
ansible.builtin.set_fact:
remote_logs_path: "{{ remote_gathering_path }}/logs"
- name: Create temporal directories for Wazuh logs - name: Create temporal directories for Wazuh logs
ansible.builtin.file: ansible.builtin.file:
path: "{{ remote_log_file_path }}/{{ item }}" path: "{{ remote_logs_path }}/{{ item }}"
state: directory state: directory
mode: '0755' mode: '0755'
loop: loop:
@ -44,7 +56,7 @@
- name: Wazuh Indexer | Fetching logs (1/3) - name: Wazuh Indexer | Fetching logs (1/3)
changed_when: false changed_when: false
ansible.builtin.shell: | ansible.builtin.shell: |
journalctl -u wazuh-indexer > {{ remote_log_file_path }}/wazuh-indexer/{{ logs_prefix }}_journalctl.log journalctl -u wazuh-indexer > {{ remote_logs_path }}/wazuh-indexer/{{ logs_prefix }}_journalctl.log
- name: Wazuh Indexer | Fetching logs (2/3) - name: Wazuh Indexer | Fetching logs (2/3)
ansible.builtin.find: ansible.builtin.find:
@ -55,7 +67,7 @@
- name: Wazuh Indexer | Fetching logs (3/3) - name: Wazuh Indexer | Fetching logs (3/3)
ansible.builtin.copy: ansible.builtin.copy:
src: "{{ item.path }}" src: "{{ item.path }}"
dest: "{{ remote_log_file_path }}/wazuh-indexer/{{ logs_prefix }}_{{ item.path | basename }}" dest: "{{ remote_logs_path }}/wazuh-indexer/{{ logs_prefix }}_{{ item.path | basename }}"
remote_src: true remote_src: true
mode: '0644' mode: '0644'
loop: "{{ wi_indexer_logs.files | default([]) }}" loop: "{{ wi_indexer_logs.files | default([]) }}"
@ -66,7 +78,7 @@
- name: Wazuh Indexer | Fetching configuration - name: Wazuh Indexer | Fetching configuration
ansible.builtin.copy: ansible.builtin.copy:
src: /etc/wazuh-indexer/opensearch.yml src: /etc/wazuh-indexer/opensearch.yml
dest: "{{ remote_log_file_path }}/wazuh-indexer/{{ logs_prefix }}_opensearch.yml" dest: "{{ remote_logs_path }}/wazuh-indexer/{{ logs_prefix }}_opensearch.yml"
remote_src: true remote_src: true
mode: '0644' mode: '0644'
@ -77,7 +89,7 @@
- name: Wazuh Server | Fetching logs (1/3) - name: Wazuh Server | Fetching logs (1/3)
changed_when: false changed_when: false
ansible.builtin.shell: | ansible.builtin.shell: |
journalctl -u wazuh-manager > {{ remote_log_file_path }}/wazuh-server/{{ logs_prefix }}_journalctl.log journalctl -u wazuh-manager > {{ remote_logs_path }}/wazuh-server/{{ logs_prefix }}_journalctl.log
- name: Wazuh Server | Fetching logs (2/3) - name: Wazuh Server | Fetching logs (2/3)
ansible.builtin.find: ansible.builtin.find:
@ -88,7 +100,7 @@
- name: Wazuh Server | Fetching logs (3/3) - name: Wazuh Server | Fetching logs (3/3)
ansible.builtin.copy: ansible.builtin.copy:
src: "{{ item.path }}" src: "{{ item.path }}"
dest: "{{ remote_log_file_path }}/wazuh-server/{{ logs_prefix }}_{{ item.path | basename }}" dest: "{{ remote_logs_path }}/wazuh-server/{{ logs_prefix }}_{{ item.path | basename }}"
remote_src: true remote_src: true
mode: '0644' mode: '0644'
loop: "{{ wazuh_server_logs.files | default([]) }}" loop: "{{ wazuh_server_logs.files | default([]) }}"
@ -99,7 +111,7 @@
- name: Wazuh Server | Fetching configuration - name: Wazuh Server | Fetching configuration
ansible.builtin.copy: ansible.builtin.copy:
src: /var/ossec/etc/ossec.conf src: /var/ossec/etc/ossec.conf
dest: "{{ remote_log_file_path }}/wazuh-server/{{ logs_prefix }}_ossec.conf" dest: "{{ remote_logs_path }}/wazuh-server/{{ logs_prefix }}_ossec.conf"
remote_src: true remote_src: true
mode: '0644' mode: '0644'
@ -110,38 +122,46 @@
- name: Wazuh Dashboard | Fetching logs - name: Wazuh Dashboard | Fetching logs
changed_when: false changed_when: false
ansible.builtin.shell: | ansible.builtin.shell: |
journalctl -u wazuh-dashboard > {{ remote_log_file_path }}/wazuh-dashboard/{{ logs_prefix }}_journalctl.log journalctl -u wazuh-dashboard > {{ remote_logs_path }}/wazuh-dashboard/{{ logs_prefix }}_journalctl.log
- name: Wazuh Dashboard | Fetching configuration (1/2) - name: Wazuh Dashboard | Fetching configuration (1/2)
ansible.builtin.copy: ansible.builtin.copy:
src: /etc/wazuh-dashboard/opensearch_dashboards.yml src: /etc/wazuh-dashboard/opensearch_dashboards.yml
dest: "{{ remote_log_file_path }}/wazuh-dashboard/{{ logs_prefix }}_opensearch_dashboards.yml" dest: "{{ remote_logs_path }}/wazuh-dashboard/{{ logs_prefix }}_opensearch_dashboards.yml"
remote_src: true remote_src: true
mode: '0644' mode: '0644'
- name: Wazuh Dashboard | Fetching configuration (2/2) - name: Wazuh Dashboard | Fetching configuration (2/2)
ansible.builtin.copy: ansible.builtin.copy:
src: /usr/share/wazuh-dashboard/data/wazuh/config/wazuh.yml src: /usr/share/wazuh-dashboard/data/wazuh/config/wazuh.yml
dest: "{{ remote_log_file_path }}/wazuh-dashboard/{{ logs_prefix }}_wazuh.yml" dest: "{{ remote_logs_path }}/wazuh-dashboard/{{ logs_prefix }}_wazuh.yml"
remote_src: true remote_src: true
mode: '0644' mode: '0644'
- name: Compress Wazuh logs - name: Compress Wazuh logs
community.general.archive: block:
path: "{{ remote_log_file_path }}/*" - name: Compress Wazuh logs (archive module)
dest: "{{ remote_log_file_path }}/compressed_wazuh_logs_{{ logs_prefix }}.tar.gz" community.general.archive:
format: gz path: "{{ remote_logs_path }}/*"
mode: '0644' dest: "{{ remote_gathering_path }}/compressed_wazuh_logs_{{ logs_prefix }}.tar.gz"
format: gz
mode: '0644'
rescue:
- name: Compress Wazuh logs (tar command)
ansible.builtin.shell: |
tar -czf {{ remote_gathering_path }}/compressed_wazuh_logs_{{ logs_prefix }}.tar.gz -C {{ remote_logs_path }} .
args:
creates: "{{ remote_gathering_path }}/compressed_wazuh_logs_{{ logs_prefix }}.tar.gz"
- name: Copy Wazuh logs to local machine - name: Copy Wazuh logs to local machine
ansible.builtin.fetch: ansible.builtin.fetch:
src: "{{ remote_log_file_path }}/compressed_wazuh_logs_{{ logs_prefix }}.tar.gz" src: "{{ remote_gathering_path }}/compressed_wazuh_logs_{{ logs_prefix }}.tar.gz"
dest: "{{ local_log_file_path }}/compressed_individual_logs/" dest: "{{ local_log_file_path }}/compressed_individual_logs/"
flat: true flat: true
- name: Remove Wazuh logs temporal directory from remote machine - name: Remove Wazuh logs temporal directory from remote machine
ansible.builtin.file: ansible.builtin.file:
path: "{{ remote_log_file_path }}" path: "{{ remote_gathering_path }}"
state: absent state: absent
- name: Local actions - name: Local actions

4
.github/workflows/aio.yml vendored
View File

@ -242,6 +242,8 @@ jobs:
# Append the processed line to the output file # Append the processed line to the output file
echo "$presigned_url_line" >> "$PRESIGNED_OUTPUT_FILE" echo "$presigned_url_line" >> "$PRESIGNED_OUTPUT_FILE"
else else
echo "$line" >> "$PRESIGNED_OUTPUT_FILE"
echo "Skipping line for presigning (no S3 URI found):" echo "Skipping line for presigning (no S3 URI found):"
echo "$line" echo "$line"
fi fi
@ -454,7 +456,7 @@ jobs:
${{ needs.setup-runner.outputs.VERBOSITY }} ${{ needs.setup-runner.outputs.VERBOSITY }}
- name: Ansible Playbook run Wazuh agents - name: Ansible Playbook run Wazuh agents
run: | run: |
ansible-playbook wazuh-ansible/wazuh-agent.yml \ ansible-playbook wazuh-ansible/wazuh-agent.yml --extra-vars "source=custom" \
-i $ALLOCATOR_PATH/inventory_agents.ini \ -i $ALLOCATOR_PATH/inventory_agents.ini \
-l all \ -l all \
${{ needs.setup-runner.outputs.VERBOSITY }} ${{ needs.setup-runner.outputs.VERBOSITY }}

15
.github/workflows/distributed.yml vendored
View File

@ -47,7 +47,7 @@ env:
ALLOCATOR_PATH: "/tmp/wazuh-ansible/allocator_instance" ALLOCATOR_PATH: "/tmp/wazuh-ansible/allocator_instance"
ARTIFACT_URLS_FILE_TEMP: "/tmp/wazuh-ansible/artifact_urls.yml" ARTIFACT_URLS_FILE_TEMP: "/tmp/wazuh-ansible/artifact_urls.yml"
PRESIGNED_OUTPUT_FILE: "/tmp/wazuh-ansible/artifact_urls_presigned.yml" PRESIGNED_OUTPUT_FILE: "/tmp/wazuh-ansible/artifact_urls_presigned.yml"
INSTANCE_NAMES: "wi1 wi2 wi3 dashboard manager worker balancer" INSTANCE_NAMES: "wi1 wi2 wi3 dashboard manager worker"
permissions: permissions:
id-token: write # JWT id-token: write # JWT
contents: read # actions/checkout contents: read # actions/checkout
@ -244,6 +244,8 @@ jobs:
# Append the processed line to the output file # Append the processed line to the output file
echo "$presigned_url_line" >> "$PRESIGNED_OUTPUT_FILE" echo "$presigned_url_line" >> "$PRESIGNED_OUTPUT_FILE"
else else
echo "$line" >> "$PRESIGNED_OUTPUT_FILE"
echo "Skipping line for presigning (no S3 URI found):" echo "Skipping line for presigning (no S3 URI found):"
echo "$line" echo "$line"
fi fi
@ -347,7 +349,7 @@ jobs:
instance_names=($INSTANCE_NAMES) instance_names=($INSTANCE_NAMES)
inventory_file="$ALLOCATOR_PATH/inventory_all" inventory_file="$ALLOCATOR_PATH/inventory_all"
ssh_key_path=${{ needs.setup-runner.outputs.PRIVATE_KEY_PATH }} ssh_key_path=${{ needs.setup-runner.outputs.PRIVATE_KEY_PATH }}
load_balancer_private_ip="" manager_private_ip=""
# Create all instances in parallel # Create all instances in parallel
for i in ${!instance_names[@]}; do for i in ${!instance_names[@]}; do
@ -395,11 +397,9 @@ jobs:
echo "dashboard ansible_host=$ansible_host private_ip=$private_ip ansible_ssh_user=$ansible_user" >> $inventory_file echo "dashboard ansible_host=$ansible_host private_ip=$private_ip ansible_ssh_user=$ansible_user" >> $inventory_file
elif [[ $i -eq 4 ]]; then elif [[ $i -eq 4 ]]; then
echo "manager ansible_host=$ansible_host private_ip=$private_ip ansible_ssh_user=$ansible_user" >> $inventory_file echo "manager ansible_host=$ansible_host private_ip=$private_ip ansible_ssh_user=$ansible_user" >> $inventory_file
manager_private_ip=$private_ip
elif [[ $i -eq 5 ]]; then elif [[ $i -eq 5 ]]; then
echo "worker ansible_host=$ansible_host private_ip=$private_ip ansible_ssh_user=$ansible_user" >> $inventory_file echo "worker ansible_host=$ansible_host private_ip=$private_ip ansible_ssh_user=$ansible_user" >> $inventory_file
elif [[ $i -eq 6 ]]; then
echo "balancer ansible_host=$ansible_host private_ip=$private_ip ansible_ssh_user=$ansible_user" >> $inventory_file
load_balancer_private_ip="$private_ip"
fi fi
done done
@ -416,8 +416,7 @@ jobs:
echo "ansible_ssh_private_key_file=${ssh_key_path}" >> $inventory_file echo "ansible_ssh_private_key_file=${ssh_key_path}" >> $inventory_file
# Set the Wazuh server IP in the Ansible playbook # Set the Wazuh server IP in the Ansible playbook
echo "Load balancer private IP: $load_balancer_private_ip" sed -i "s|<Your Wazuh Server IP>|$manager_private_ip|g" wazuh-ansible/wazuh-agent.yml
sed -i "s|<Your Wazuh Server IP>|$load_balancer_private_ip|g" wazuh-ansible/wazuh-agent.yml
- name: Allocate Agent instances - name: Allocate Agent instances
run: | run: |
# Define variables # Define variables
@ -500,7 +499,7 @@ jobs:
${{ needs.setup-runner.outputs.VERBOSITY }} ${{ needs.setup-runner.outputs.VERBOSITY }}
- name: Ansible Playbook run Wazuh agents - name: Ansible Playbook run Wazuh agents
run: | run: |
ansible-playbook wazuh-ansible/wazuh-agent.yml \ ansible-playbook wazuh-ansible/wazuh-agent.yml --extra-vars "source=custom" \
-i $ALLOCATOR_PATH/inventory_agents.ini \ -i $ALLOCATOR_PATH/inventory_agents.ini \
-l all \ -l all \
${{ needs.setup-runner.outputs.VERBOSITY }} ${{ needs.setup-runner.outputs.VERBOSITY }}

6
roles/wazuh-indexer/tasks/config_files_setup.yml
View File

@ -195,8 +195,8 @@
group: wazuh-indexer group: wazuh-indexer
mode: "0400" mode: "0400"
with_items: with_items:
- { src: "{{ instances[inventory_hostname].name }}-key.pem", dest: "indexer-key.pem" } - { src: "{{ node_name }}-key.pem", dest: "indexer-key.pem" }
- { src: "{{ instances[inventory_hostname].name }}.pem", dest: "indexer.pem" } - { src: "{{ node_name }}.pem", dest: "indexer.pem" }
when: when:
- generate_certs - generate_certs
@ -212,7 +212,7 @@
ansible.builtin.lineinfile: ansible.builtin.lineinfile:
path: /etc/wazuh-indexer/opensearch.yml path: /etc/wazuh-indexer/opensearch.yml
regexp: '^node\.name:' regexp: '^node\.name:'
line: 'node.name: "{{ instances[inventory_hostname].name }}"' line: 'node.name: "{{ node_name }}"'
- name: OpenSearch Config | Configure cluster.initial_cluster_manager_nodes - name: OpenSearch Config | Configure cluster.initial_cluster_manager_nodes
block: block: