From 146d37629bbd0cbda04f3b35da10a7f751ab09ba Mon Sep 17 00:00:00 2001 From: Jose Luis Ruiz Date: Sat, 11 Feb 2017 17:05:01 +0100 Subject: [PATCH] update wazuh config, Readme and docker-compose file --- README.md | 26 +++++++++++++++++++++++++- docker-compose.yml | 6 +++++- wazuh/config/data_dirs.env | 1 + 3 files changed, 31 insertions(+), 2 deletions(-) diff --git a/README.md b/README.md index 8583c069..a25672d6 100644 --- a/README.md +++ b/README.md @@ -159,11 +159,36 @@ URL: http://wazuh Port: 55000 ``` +If you like to change the default API configuration, you need to modify the file ``user`` in the path ``/var/ossec/api/configuration/auth/user``, you can generate other password with any ``htpasswd`` generator. + ![Alt text](images/image-2.png?raw=true "Image 2") # Storage +## How can I store Wazuh data? + +The data stored in Wazuh will be persisted after container reboot but not after container removal. + +In order to persist Wazuh data even after removing the Wazuh container, you'll have to mount a volume on your Docker host. Update the Wazuh container declaration to: + +```yml +elasticsearch: + image: wazuh/wazuh:latest + hostname: wazuh-manager + ports: + - "1514:1514" + - "1515:1515" + - "514:514" + - "55000:55000" + networks: + - docker_elk + volumes: + - /path/to/storage:/var/ossec/data +``` + +This will store Wazuh data inside `/path/to/storage`. + ## How can I store Elasticsearch data? The data stored in Elasticsearch will be persisted after container reboot but not after container removal. @@ -421,4 +446,3 @@ All notable changes to this project will be documented in this file. - Deleted link to LUA sources. - Delete ZLib generated files on cleaning. - Removed maximum lines limit from diff messages (that remain limited by length). - diff --git a/docker-compose.yml b/docker-compose.yml index f1d4b5e2..f248c553 100644 --- a/docker-compose.yml +++ b/docker-compose.yml 
@@ -8,10 +8,12 @@ services:
 ports:
 - "1514/udp:1514/udp"
 - "1515:1515"
-# - "514/udp:514/udp"
+ - "514/udp:514/udp"
 - "55000:55000"
 networks:
 - docker_elk
+ volumes:
+ - my-path:/var/ossec/data
 depends_on:
 - elasticsearch
 logstash:
@@ -39,6 +41,8 @@ services:
 - "9300:9300"
 environment:
 ES_JAVA_OPTS: "-Xms2g -Xmx2g"
+ volumes:
+ - my-path:/var/ossec/data
 networks:
 - docker_elk
 kibana:
diff --git a/wazuh/config/data_dirs.env b/wazuh/config/data_dirs.env
index 76090cb2..bd050861 100644
--- a/wazuh/config/data_dirs.env
+++ b/wazuh/config/data_dirs.env
@@ -5,4 +5,5 @@ DATA_DIRS[((i++))]="logs"
 DATA_DIRS[((i++))]="stats"
 DATA_DIRS[((i++))]="queue"
 DATA_DIRS[((i++))]="var/db"
+DATA_DIRS[((i++))]="api"
 export DATA_DIRS
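Review bot: In the first docker-compose.yml hunk (`@@ -8,10 +8,12 @@`), `- my-path:/var/ossec/data` has no leading `/` or `./`, so Compose reads `my-path` as a named volume rather than a host directory, and no top-level `volumes:` declaration is visible in this diff. The README text added in the same commit documents a host path (`/path/to/storage:/var/ossec/data`), so either declare the named volume or use an explicit path such as `- ./wazuh-data:/var/ossec/data` (constructed example). The same hunk uncomments `- "514/udp:514/udp"`, which publishes the syslog listener on every host interface. Syslog over UDP carries no authentication, so consider keeping it opt-in or binding it to one address, e.g. `- "127.0.0.1:514:514/udp"`. The service definition starts above the hunk.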
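Review bot: The second docker-compose.yml hunk (`@@ -39,6 +41,8 @@`) mounts `my-path:/var/ossec/data` into the service that carries `ES_JAVA_OPTS` and port `9300`, presumably `elasticsearch`. `/var/ossec/data` is the Wazuh manager's data path, so this looks like a copy-paste from the first hunk. As written, the Elasticsearch container shares the manager's volume, and its own indices are still not persisted. Because `api` joins `DATA_DIRS` in this commit, that volume presumably also exposes the API credentials file to a second container. Replace the line with a separate volume at the Elasticsearch data directory, e.g. `- es-data:/usr/share/elasticsearch/data` (confirm the path against the image in use). The service definition starts above the hunk.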
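Review bot: In wazuh/config/data_dirs.env, the new `DATA_DIRS[((i++))]="api"` entry has no comment saying that it moves credential material onto the persisted volume. The README hunk in this commit places the API auth file at `/var/ossec/api/configuration/auth/user`. A comment above the line would record that, e.g. `# api: persists API configuration, including auth/user (htpasswd); keep the volume owner-readable only`. The script that consumes `DATA_DIRS` is not part of this diff, so it is worth confirming that it preserves ownership and mode when relocating the directory. It should also populate `api` on a data volume created before this change.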