wazuh/wazuh-kubernetes
1
0
Fork 0
mirror of https://github.com/wazuh/wazuh-kubernetes.git synced 2025-12-10 16:46:36 -06:00
Code Issues Packages Projects Releases 100 Wiki Activity

Merge 4.14.1 into main

Browse Source
This commit is contained in:
Carlos Bordon 2025-10-31 14:43:13 -03:00
commit c568e5fd3e
No known key found for this signature in database
GPG Key ID: 4C040368C34BF037
11 changed files with 46 additions and 48 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

37
CHANGELOG.md
View File

@ -2,6 +2,25 @@
All notable changes to this project will be documented in this file. All notable changes to this project will be documented in this file.
## [5.0.0]
### Added
- None
### Changed
- Wazuh server clean-up ([#1213](https://github.com/wazuh/wazuh-kubernetes/pull/1213))
- Replace OpenSearch deprecated settings ([#1109](https://github.com/wazuh/wazuh-kubernetes/pull/1109))
### Fixed
- None
### Deleted
- None
## [4.14.1] ## [4.14.1]
### Added ### Added
@ -34,6 +53,24 @@ All notable changes to this project will be documented in this file.
### Fixed ### Fixed
- None
### Deleted
- None
## [4.14.0]
### Added
- None
### Changed
- None
### Fixed
- Add new config path and new permission for conf and certs files ([#1152](https://github.com/wazuh/wazuh-kubernetes/pull/1152)) - Add new config path and new permission for conf and certs files ([#1152](https://github.com/wazuh/wazuh-kubernetes/pull/1152))
### Deleted ### Deleted

4
VERSION.json
View File

@ -1,4 +1,4 @@
{ {
"version": "4.14.1", "version": "5.0.0",
"stage": "rc1" "stage": "alpha0"
} }

2
upgrade.md
View File

@ -11,9 +11,7 @@ PERMANENT_DATA[((i++))]="/var/ossec/api/configuration"
PERMANENT_DATA[((i++))]="/var/ossec/etc" PERMANENT_DATA[((i++))]="/var/ossec/etc"
PERMANENT_DATA[((i++))]="/var/ossec/logs" PERMANENT_DATA[((i++))]="/var/ossec/logs"
PERMANENT_DATA[((i++))]="/var/ossec/queue" PERMANENT_DATA[((i++))]="/var/ossec/queue"
PERMANENT_DATA[((i++))]="/var/ossec/agentless"
PERMANENT_DATA[((i++))]="/var/ossec/var/multigroups" PERMANENT_DATA[((i++))]="/var/ossec/var/multigroups"
PERMANENT_DATA[((i++))]="/var/ossec/integrations"
PERMANENT_DATA[((i++))]="/var/ossec/active-response/bin" PERMANENT_DATA[((i++))]="/var/ossec/active-response/bin"
PERMANENT_DATA[((i++))]="/var/ossec/wodles" PERMANENT_DATA[((i++))]="/var/ossec/wodles"
PERMANENT_DATA[((i++))]="/etc/filebeat" PERMANENT_DATA[((i++))]="/etc/filebeat"

2
wazuh/indexer_stack/wazuh-dashboard/dashboard-deploy.yaml
View File

@ -32,7 +32,7 @@ spec:
secretName: dashboard-certs secretName: dashboard-certs
containers: containers:
- name: wazuh-dashboard - name: wazuh-dashboard
image: 'wazuh/wazuh-dashboard:4.14.1' image: 'wazuh/wazuh-dashboard:5.0.0'
resources: resources:
limits: limits:
cpu: 500m cpu: 500m

2
wazuh/indexer_stack/wazuh-dashboard/dashboard_conf/opensearch_dashboards.yml
View File

@ -3,7 +3,7 @@ server.host: 0.0.0.0
server.port: 5601 server.port: 5601
opensearch.hosts: https://indexer:9200 opensearch.hosts: https://indexer:9200
opensearch.ssl.verificationMode: none opensearch.ssl.verificationMode: none
opensearch.requestHeadersWhitelist: [ authorization,securitytenant ] opensearch.requestHeadersAllowlist: [ authorization,securitytenant ]
opensearch_security.multitenancy.enabled: false opensearch_security.multitenancy.enabled: false
opensearch_security.readonly_mode.roles: ["kibana_read_only"] opensearch_security.readonly_mode.roles: ["kibana_read_only"]
server.ssl.enabled: true server.ssl.enabled: true

2
wazuh/indexer_stack/wazuh-indexer/cluster/indexer-sts.yaml
View File

@ -63,7 +63,7 @@ spec:
privileged: true privileged: true
containers: containers:
- name: wazuh-indexer - name: wazuh-indexer
image: 'wazuh/wazuh-indexer:4.14.1' image: 'wazuh/wazuh-indexer:5.0.0'
resources: resources:
limits: limits:
cpu: 500m cpu: 500m

5
wazuh/indexer_stack/wazuh-indexer/indexer_conf/opensearch.yml
View File

@ -2,7 +2,7 @@ cluster.name: ${CLUSTER_NAME}
node.name: ${NODE_NAME} node.name: ${NODE_NAME}
network.host: ${NETWORK_HOST} network.host: ${NETWORK_HOST}
discovery.seed_hosts: wazuh-indexer-0.wazuh-indexer discovery.seed_hosts: wazuh-indexer-0.wazuh-indexer
cluster.initial_master_nodes: cluster.initial_cluster_manager_nodes:
- wazuh-indexer-0 - wazuh-indexer-0
node.max_local_storage_nodes: "3" node.max_local_storage_nodes: "3"
@ -27,5 +27,4 @@ plugins.security.restapi.roles_enabled:
- "all_access" - "all_access"
- "security_rest_api_access" - "security_rest_api_access"
plugins.security.allow_default_init_securityindex: true plugins.security.allow_default_init_securityindex: true
cluster.routing.allocation.disk.threshold_enabled: false cluster.routing.allocation.disk.threshold_enabled: false
compatibility.override_main_response_version: true

8
wazuh/wazuh_managers/wazuh-master-sts.yaml
View File

@ -41,7 +41,7 @@ spec:
fsGroup: 101 fsGroup: 101
containers: containers:
- name: wazuh-manager - name: wazuh-manager
image: 'wazuh/wazuh-manager:4.14.1' image: 'wazuh/wazuh-manager:5.0.0'
resources: resources:
limits: limits:
cpu: 400m cpu: 400m
@ -85,15 +85,9 @@ spec:
- name: wazuh-manager-master - name: wazuh-manager-master
mountPath: /var/ossec/var/multigroups mountPath: /var/ossec/var/multigroups
subPath: wazuh/var/ossec/var/multigroups subPath: wazuh/var/ossec/var/multigroups
- name: wazuh-manager-master
mountPath: /var/ossec/integrations
subPath: wazuh/var/ossec/integrations
- name: wazuh-manager-master - name: wazuh-manager-master
mountPath: /var/ossec/active-response/bin mountPath: /var/ossec/active-response/bin
subPath: wazuh/var/ossec/active-response/bin subPath: wazuh/var/ossec/active-response/bin
- name: wazuh-manager-master
mountPath: /var/ossec/agentless
subPath: wazuh/var/ossec/agentless
- name: wazuh-manager-master - name: wazuh-manager-master
mountPath: /var/ossec/wodles mountPath: /var/ossec/wodles
subPath: wazuh/var/ossec/wodles subPath: wazuh/var/ossec/wodles

8
wazuh/wazuh_managers/wazuh-worker-sts.yaml
View File

@ -48,7 +48,7 @@ spec:
fsGroup: 101 fsGroup: 101
containers: containers:
- name: wazuh-manager - name: wazuh-manager
image: 'wazuh/wazuh-manager:4.14.1' image: 'wazuh/wazuh-manager:5.0.0'
resources: resources:
limits: limits:
cpu: 400m cpu: 400m
@ -88,15 +88,9 @@ spec:
- name: wazuh-manager-worker - name: wazuh-manager-worker
mountPath: /var/ossec/var/multigroups mountPath: /var/ossec/var/multigroups
subPath: wazuh/var/ossec/var/multigroups subPath: wazuh/var/ossec/var/multigroups
- name: wazuh-manager-worker
mountPath: /var/ossec/integrations
subPath: wazuh/var/ossec/integrations
- name: wazuh-manager-worker - name: wazuh-manager-worker
mountPath: /var/ossec/active-response/bin mountPath: /var/ossec/active-response/bin
subPath: wazuh/var/ossec/active-response/bin subPath: wazuh/var/ossec/active-response/bin
- name: wazuh-manager-worker
mountPath: /var/ossec/agentless
subPath: wazuh/var/ossec/agentless
- name: wazuh-manager-worker - name: wazuh-manager-worker
mountPath: /var/ossec/wodles mountPath: /var/ossec/wodles
subPath: wazuh/var/ossec/wodles subPath: wazuh/var/ossec/wodles

12
wazuh/wazuh_managers/wazuh_conf/master.conf
View File

@ -23,11 +23,6 @@
<agents_disconnection_alert_time>100s</agents_disconnection_alert_time> <agents_disconnection_alert_time>100s</agents_disconnection_alert_time>
</global> </global>
<alerts>
<log_alert_level>3</log_alert_level>
<email_alert_level>12</email_alert_level>
</alerts>
<!-- Choose between "plain", "json", or "plain,json" for the format of internal logs --> <!-- Choose between "plain", "json", or "plain,json" for the format of internal logs -->
<logging> <logging>
<log_format>plain</log_format> <log_format>plain</log_format>
@ -281,13 +276,6 @@
<rule_dir>etc/rules</rule_dir> <rule_dir>etc/rules</rule_dir>
</ruleset> </ruleset>
<rule_test>
<enabled>yes</enabled>
<threads>1</threads>
<max_sessions>64</max_sessions>
<session_timeout>15m</session_timeout>
</rule_test>
<!-- Configuration for ossec-authd <!-- Configuration for ossec-authd
To enable this service, run: To enable this service, run:
wazuh-control enable auth wazuh-control enable auth

12
wazuh/wazuh_managers/wazuh_conf/worker.conf
View File

@ -23,11 +23,6 @@
<agents_disconnection_alert_time>100s</agents_disconnection_alert_time> <agents_disconnection_alert_time>100s</agents_disconnection_alert_time>
</global> </global>
<alerts>
<log_alert_level>3</log_alert_level>
<email_alert_level>12</email_alert_level>
</alerts>
<!-- Choose between "plain", "json", or "plain,json" for the format of internal logs --> <!-- Choose between "plain", "json", or "plain,json" for the format of internal logs -->
<logging> <logging>
<log_format>plain</log_format> <log_format>plain</log_format>
@ -281,13 +276,6 @@
<rule_dir>etc/rules</rule_dir> <rule_dir>etc/rules</rule_dir>
</ruleset> </ruleset>
<rule_test>
<enabled>yes</enabled>
<threads>1</threads>
<max_sessions>64</max_sessions>
<session_timeout>15m</session_timeout>
</rule_test>
<!-- Configuration for ossec-authd <!-- Configuration for ossec-authd
To enable this service, run: To enable this service, run:
wazuh-control enable auth wazuh-control enable auth