Filebeat fails to connect to Wazuh indexer because of firewalld (Installation assistant distributed deployment)

[s-ocando]

Wazuh version	Install type	Action performed	Platform
v4.7.0-alpha-1	Distributed deployment	Install	Rocky Linux 8

I used the installation assistant to perform a distributed deployment of Wazuh. I had to use the ignore option to install it on Rocky Linux 8. However, this caused the installation assistant not to check the ports, and deployments that seem to be working fine, such as the server, was failing as Filebeat was unable to communicate with the Indexer.

• Shall the server installation include testing the Filebeat output and warning the user if it fails?

• Shall we have different ignore options? For instance, ignore-os, which would enable installations on non-recommended operating systems while still verifying the ports and hardware requirements.

• We need to inform the user about the need to open the necessary ports on each component so the deployment can work as expected regardless if the ignore option is used.

Steps to reproduce

Vagrant box: generic/rocky8

Vagranfile

``` server_ip = "192.168.56.2" indexer_ip = "192.168.56.3" dashboard_ip = "192.168.56.4" agent_ip = "192.168.56.5" Vagrant.configure("2") do |config| config.vm.define "server" do |server| server.vm.box = "generic/rocky8" server.vm.network :private_network, ip: "#{server_ip}" server.vm.provider "virtualbox" do |pmv| pmv.memory = 1024 pmv.cpus = 1 pmv.linked_clone=true end server.vm.hostname = "server" end config.vm.define "indexer" do |indexer| indexer.vm.box = "generic/rocky8" indexer.vm.network :private_network, ip: "#{indexer_ip}" indexer.vm.provider "virtualbox" do |pmv| pmv.memory = 4096 pmv.cpus = 2 pmv.linked_clone=true end indexer.vm.hostname = "indexer" end config.vm.define "dashboard" do |dashboard| dashboard.vm.box = "generic/rocky8" dashboard.vm.network :private_network, ip: "#{dashboard_ip}" dashboard.vm.provider "virtualbox" do |pmv| pmv.memory = 4096 pmv.cpus = 2 pmv.linked_clone=true end dashboard.vm.hostname = "dashboard" end config.vm.define "agent" do |agent| agent.vm.box = "generic/rocky8" agent.vm.network :private_network, ip: "#{agent_ip}" agent.vm.provider "virtualbox" do |pmv| pmv.memory = 1024 pmv.cpus = 1 pmv.linked_clone=true end agent.vm.hostname = "agent" end end ```

• Download the installation assistant on each node:

  curl -sO https://packages-dev.wazuh.com/4.7/wazuh-install.sh

• Edit the configuration file and create the installation files.

curl -sO https://packages-dev.wazuh.com/4.7/config.yml

Configuration file (config.yml)

```yml nodes: # Wazuh indexer nodes indexer: - name: node-1 ip: "192.168.56.3" #- name: node-2 # ip: "" #- name: node-3 # ip: "" # Wazuh server nodes # If there is more than one Wazuh server # node, each one must have a node_type server: - name: wazuh-1 ip: "192.168.56.2" # node_type: master #- name: wazuh-2 # ip: "" # node_type: worker #- name: wazuh-3 # ip: "" # node_type: worker # Wazuh dashboard nodes dashboard: - name: dashboard ip: "192.168.56.4" ```

[root@indexer vagrant]# bash wazuh-install.sh --generate-config-files -i
INFO: Starting Wazuh installation assistant. Wazuh version: 4.7.0
INFO: Verbose logging redirected to /var/log/wazuh-install.log
WARNING: Hardware and system checks ignored.
 INFO: --- Configuration files ---
INFO: Generating configuration files.
INFO: Created wazuh-install-files.tar. It contains the Wazuh cluster key, certificates, and passwords necessary for installation.

• Copy wazuh-install-files.tar on each node.

• Install the Wazuh indexer on its corresponding node and initialize the cluster:

[root@indexer vagrant]# bash wazuh-install.sh --wazuh-indexer node-1 -i
INFO: Starting Wazuh installation assistant. Wazuh version: 4.7.0
INFO: Verbose logging redirected to /var/log/wazuh-install.log
WARNING: Hardware and system checks ignored.
INFO: Wazuh development repository added.
INFO: --- Wazuh indexer ---
INFO: Starting Wazuh indexer installation.
INFO: Wazuh indexer installation finished.
INFO: Wazuh indexer post-install configuration finished.
INFO: Starting service wazuh-indexer.
INFO: wazuh-indexer service started.
INFO: Initializing Wazuh indexer cluster security settings.
INFO: Wazuh indexer cluster initialized.
INFO: Installation finished.

[root@indexer vagrant]# bash wazuh-install.sh --start-cluster -i
INFO: Starting Wazuh installation assistant. Wazuh version: 4.7.0
INFO: Verbose logging redirected to /var/log/wazuh-install.log
WARNING: Hardware and system checks ignored.
INFO: Wazuh indexer cluster security configuration initialized.
INFO: Wazuh indexer cluster started.

• Install the Wazuh server:

[root@server vagrant]# bash wazuh-install.sh --wazuh-server wazuh-1 -i
INFO: Starting Wazuh installation assistant. Wazuh version: 4.7.0
INFO: Verbose logging redirected to /var/log/wazuh-install.log
WARNING: Hardware and system checks ignored.
INFO: Wazuh development repository added.
INFO: --- Wazuh server ---
INFO: Starting the Wazuh manager installation.
NFO: Wazuh manager installation finished.
INFO: Starting service wazuh-manager.
INFO: wazuh-manager service started.
INFO: Starting Filebeat installation.
INFO: Filebeat installation finished.
INFO: Filebeat post-install configuration finished.
INFO: Starting service filebeat.
INFO: filebeat service started.
INFO: Installation finished.

• Note that the Wazuh server installation apparently worked fine, nevertheless, Filebeat is unable to communicate with the indexer.

[root@server vagrant]# filebeat test output
elasticsearch: https://192.168.56.3:9200...
  parse url... OK
  connection...
    parse host... OK
    dns lookup... OK
    addresses: 192.168.56.3
    dial up... ERROR dial tcp 192.168.56.3:9200: connect: no route to host

• Open port 9200 on the Wazuh indexer node:

  [root@indexer vagrant]# firewall-cmd --add-port=9200/tcp --permanent
  success
  [root@indexer vagrant]# firewall-cmd --reload 
  success

• Test Filebeat output again:

  [root@server vagrant]# filebeat test output
  elasticsearch: https://192.168.56.3:9200...
  parse url... OK
  connection...
  parse host... OK
  dns lookup... OK
  addresses: 192.168.56.3
  dial up... OK
  TLS...
  security: server's certificate chain verification is enabled
  handshake... OK
  TLS version: TLSv1.2
  dial up... OK
  talk to server... OK
  version: 7.10.2

Note that in addition to opening ports 9200 and 9300 for the Wazuh indexer, it might be necessary to open port 443 for the Wazuh dashboard and ports 55000, 1514, 1515 and 1516 for the Wazuh server. Not knowing which ports to open could lead to issues that the user may struggle to resolve.

[c-bordon]

Update report

Reviewing the code I was able to identify that the -i option does not prevent port validation, port validation is performed whenever the offline option is not chosen.

The debate remains open to define whether it is necessary to open the OS and hardware skip in 2 options, although the message is clear, by choosing the -i option the user is agreeing to install on a system that is not recommended or with incomplete hardware requirements.

The problem occurs because the port validation we perform is about whether the port is not in use, at the moment we do not validate port blocking by firewalld or any other option external to the host.

I'm going to check if we can add some type of post-installation validation to check that the port is listening correctly.

[c-bordon]

Update report

The option that occurs to me in the firewalld situation is to validate the existence of the service installed and turned on, and inform the user about this, if they want us to add the necessary rules and restart the service, they must re-execute the script with some additional option from the type -f | --firewalld

[root@rocky8 unattended_installer]# bash wazuh-install.sh -a -i
20/10/2023 19:34:18 INFO: Starting Wazuh installation assistant. Wazuh version: 4.7.0
20/10/2023 19:34:18 INFO: Verbose logging redirected to /var/log/wazuh-install.log
20/10/2023 19:34:27 WARNING: Hardware and system checks ignored.
20/10/2023 19:34:27 INFO: Wazuh web interface port will be 443.
20/10/2023 19:34:28 ERROR: The system has a firewalld installed. Use the -f | -firewalld option to add the necessary rules to allow traffic.

[c-bordon]

Update report

Validations and messages are added depending on the type of installation

AIO

```console [root@rocky8 unattended_installer]# bash wazuh-install.sh -a -i 23/10/2023 20:26:35 INFO: Starting Wazuh installation assistant. Wazuh version: 4.7.0 23/10/2023 20:26:35 INFO: Verbose logging redirected to /var/log/wazuh-install.log 23/10/2023 20:26:45 WARNING: Hardware and system checks ignored. 23/10/2023 20:26:45 INFO: Wazuh web interface port will be 443. 23/10/2023 20:26:45 WARNING: The system has Firewalld installed. Please ensure that traffic is allowed on these ports: 1515 1514 443. 23/10/2023 20:26:47 INFO: Wazuh development repository added. 23/10/2023 20:26:47 INFO: --- Configuration files --- 23/10/2023 20:26:47 INFO: Generating configuration files. 23/10/2023 20:26:48 INFO: Created wazuh-install-files.tar. It contains the Wazuh cluster key, certificates, and passwords necessary for installation. 23/10/2023 20:26:49 INFO: --- Wazuh indexer --- 23/10/2023 20:26:49 INFO: Starting Wazuh indexer installation. 23/10/2023 20:29:20 INFO: Wazuh indexer installation finished. 23/10/2023 20:29:20 INFO: Wazuh indexer post-install configuration finished. 23/10/2023 20:29:20 INFO: Starting service wazuh-indexer. 23/10/2023 20:29:30 INFO: wazuh-indexer service started. 23/10/2023 20:29:30 INFO: Initializing Wazuh indexer cluster security settings. 23/10/2023 20:29:41 INFO: Wazuh indexer cluster initialized. 23/10/2023 20:29:41 INFO: --- Wazuh server --- 23/10/2023 20:29:41 INFO: Starting the Wazuh manager installation. 23/10/2023 20:30:57 INFO: Wazuh manager installation finished. 23/10/2023 20:30:57 INFO: Starting service wazuh-manager. 23/10/2023 20:31:11 INFO: wazuh-manager service started. 23/10/2023 20:31:11 INFO: Starting Filebeat installation. 23/10/2023 20:31:19 INFO: Filebeat installation finished. 23/10/2023 20:31:21 INFO: Filebeat post-install configuration finished. 23/10/2023 20:31:21 INFO: Starting service filebeat. 23/10/2023 20:31:21 INFO: filebeat service started. 23/10/2023 20:31:21 INFO: --- Wazuh dashboard --- 23/10/2023 20:31:27 INFO: --- Dependencies --- 23/10/2023 20:31:27 INFO: Installing chromium. 23/10/2023 20:32:20 INFO: Installing nss. 23/10/2023 20:32:28 INFO: Installing xorg-x11-fonts-100dpi. 23/10/2023 20:32:32 INFO: Installing xorg-x11-fonts-75dpi. 23/10/2023 20:32:35 INFO: Installing xorg-x11-utils. 23/10/2023 20:32:38 INFO: Installing xorg-x11-fonts-cyrillic. 23/10/2023 20:32:40 INFO: Installing xorg-x11-fonts-Type1. 23/10/2023 20:32:42 INFO: Installing xorg-x11-fonts-misc. 23/10/2023 20:32:47 INFO: Installing fontconfig. 23/10/2023 20:32:48 INFO: Starting Wazuh dashboard installation. 23/10/2023 20:34:22 INFO: Wazuh dashboard installation finished. 23/10/2023 20:34:22 INFO: Wazuh dashboard post-install configuration finished. 23/10/2023 20:34:22 INFO: Starting service wazuh-dashboard. 23/10/2023 20:34:23 INFO: wazuh-dashboard service started. 23/10/2023 20:34:43 INFO: Initializing Wazuh dashboard web application. 23/10/2023 20:34:44 INFO: Wazuh dashboard web application initialized. 23/10/2023 20:34:44 INFO: --- Summary --- 23/10/2023 20:34:44 INFO: You can access the web interface https://:443 User: admin Password: ZjRSEBfy8OUW7tGdd.viQJg.VwEMoTRV 23/10/2023 20:34:44 INFO: Installation finished. ```

Wazuh Indexer

```console [root@rocky8 unattended_installer]# bash wazuh-install.sh -i -wi wazuh-indexer 23/10/2023 20:38:00 INFO: Starting Wazuh installation assistant. Wazuh version: 4.7.0 23/10/2023 20:38:00 INFO: Verbose logging redirected to /var/log/wazuh-install.log 23/10/2023 20:38:12 WARNING: Hardware and system checks ignored. 23/10/2023 20:38:12 WARNING: The system has Firewalld installed. Please ensure that traffic is allowed on these ports: 9200 9300. 23/10/2023 20:38:14 INFO: Wazuh development repository added. 23/10/2023 20:38:14 INFO: --- Wazuh indexer --- 23/10/2023 20:38:14 INFO: Starting Wazuh indexer installation. 23/10/2023 20:40:48 INFO: Wazuh indexer installation finished. 23/10/2023 20:40:48 INFO: Wazuh indexer post-install configuration finished. 23/10/2023 20:40:48 INFO: Starting service wazuh-indexer. 23/10/2023 20:40:58 INFO: wazuh-indexer service started. 23/10/2023 20:40:58 INFO: Initializing Wazuh indexer cluster security settings. 23/10/2023 20:41:00 INFO: Wazuh indexer cluster initialized. 23/10/2023 20:41:00 INFO: Installation finished. ```

Wazuh Manager

```console [root@rocky8 unattended_installer]# bash wazuh-install.sh -i -ws wazuh-server -o 23/10/2023 20:43:04 INFO: Starting Wazuh installation assistant. Wazuh version: 4.7.0 23/10/2023 20:43:04 INFO: Verbose logging redirected to /var/log/wazuh-install.log 23/10/2023 20:43:10 INFO: --- Removing existing Wazuh installation --- 23/10/2023 20:43:11 INFO: Installation cleaned. 23/10/2023 20:43:15 WARNING: Hardware and system checks ignored. 23/10/2023 20:43:15 WARNING: The system has Firewalld installed. Please ensure that traffic is allowed on these ports: 1514 1515 1516 55000. 23/10/2023 20:43:18 INFO: Wazuh development repository added. 23/10/2023 20:43:18 INFO: --- Wazuh server --- 23/10/2023 20:43:18 INFO: Starting the Wazuh manager installation. 23/10/2023 20:44:36 INFO: Wazuh manager installation finished. 23/10/2023 20:44:36 INFO: Starting service wazuh-manager. 23/10/2023 20:44:50 INFO: wazuh-manager service started. 23/10/2023 20:44:50 INFO: Starting Filebeat installation. 23/10/2023 20:45:03 INFO: Filebeat installation finished. 23/10/2023 20:45:05 INFO: Filebeat post-install configuration finished. 23/10/2023 20:45:10 INFO: Starting service filebeat. 23/10/2023 20:45:10 INFO: filebeat service started. 23/10/2023 20:45:10 INFO: Installation finished. ```

Wazuh Dashboard

```console [root@rocky8 unattended_installer]# bash wazuh-install.sh -i -wd wazuh-dashboard 23/10/2023 20:46:23 INFO: Starting Wazuh installation assistant. Wazuh version: 4.7.0 23/10/2023 20:46:23 INFO: Verbose logging redirected to /var/log/wazuh-install.log 23/10/2023 20:46:34 WARNING: Hardware and system checks ignored. 23/10/2023 20:46:34 INFO: Wazuh web interface port will be 443. 23/10/2023 20:46:34 WARNING: The system has Firewalld installed. Please ensure that traffic is allowed on this port: 443. 23/10/2023 20:46:36 INFO: Wazuh development repository added. 23/10/2023 20:46:36 INFO: --- Wazuh dashboard ---- 23/10/2023 20:46:41 INFO: Starting Wazuh dashboard installation. 23/10/2023 20:48:14 INFO: Wazuh dashboard installation finished. 23/10/2023 20:48:14 INFO: Wazuh dashboard post-install configuration finished. 23/10/2023 20:48:14 INFO: Starting service wazuh-dashboard. 23/10/2023 20:48:14 INFO: wazuh-dashboard service started. 23/10/2023 20:49:17 INFO: Initializing Wazuh dashboard web application. 23/10/2023 20:51:18 ERROR: Cannot connect to Wazuh dashboard. 23/10/2023 20:51:43 ERROR: Failed to connect with wazuh-indexer. Connection refused. 23/10/2023 20:51:43 INFO: If you want to install Wazuh dashboard without waiting for the Wazuh indexer cluster, use the -fd option 23/10/2023 20:51:43 INFO: --- Removing existing Wazuh installation --- 23/10/2023 20:51:43 INFO: Removing Wazuh dashboard. 23/10/2023 20:51:52 INFO: Wazuh dashboard removed. 23/10/2023 20:51:52 INFO: Installation cleaned. Check the /var/log/wazuh-install.log file to learn more about the issue. ```

Wazuh Dashboard port 8080

```console [root@rocky8 unattended_installer]# bash wazuh-install.sh -i -wd wazuh-dashboard -p 8080 23/10/2023 20:52:07 INFO: Starting Wazuh installation assistant. Wazuh version: 4.7.0 23/10/2023 20:52:07 INFO: Verbose logging redirected to /var/log/wazuh-install.log 23/10/2023 20:52:17 WARNING: Hardware and system checks ignored. 23/10/2023 20:52:17 INFO: Wazuh web interface port will be 8080. 23/10/2023 20:52:18 WARNING: The system has Firewalld installed. Please ensure that traffic is allowed on this port: 8080. 23/10/2023 20:52:20 INFO: Wazuh development repository added. 23/10/2023 20:52:20 INFO: --- Wazuh dashboard ---- 23/10/2023 20:52:25 INFO: Starting Wazuh dashboard installation. 23/10/2023 20:54:00 INFO: Wazuh dashboard installation finished. 23/10/2023 20:54:00 INFO: Wazuh dashboard post-install configuration finished. 23/10/2023 20:54:00 INFO: Starting service wazuh-dashboard. 23/10/2023 20:54:00 INFO: wazuh-dashboard service started. 23/10/2023 20:55:05 INFO: Initializing Wazuh dashboard web application. 23/10/2023 20:57:06 ERROR: Cannot connect to Wazuh dashboard. 23/10/2023 20:57:31 ERROR: Failed to connect with wazuh-indexer. Connection refused. 23/10/2023 20:57:31 INFO: If you want to install Wazuh dashboard without waiting for the Wazuh indexer cluster, use the -fd option 23/10/2023 20:57:31 INFO: --- Removing existing Wazuh installation --- 23/10/2023 20:57:31 INFO: Removing Wazuh dashboard. 23/10/2023 20:57:38 INFO: Wazuh dashboard removed. 23/10/2023 20:57:39 INFO: Installation cleaned. Check the /var/log/wazuh-install.log file to learn more about the issue. ```

[c-bordon]

Update report

Rocky linux without Firewalld

AIO

```console [root@rocky8 unattended_installer]# bash wazuh-install.sh -a -i -o 24/10/2023 12:21:10 INFO: Starting Wazuh installation assistant. Wazuh version: 4.7.0 24/10/2023 12:21:10 INFO: Verbose logging redirected to /var/log/wazuh-install.log 24/10/2023 12:21:16 INFO: --- Removing existing Wazuh installation --- 24/10/2023 12:21:16 INFO: Wazuh GPG key not found in the system 24/10/2023 12:21:16 INFO: Installation cleaned. 24/10/2023 12:21:20 WARNING: Hardware and system checks ignored. 24/10/2023 12:21:20 INFO: Wazuh web interface port will be 443. 24/10/2023 12:21:23 INFO: Wazuh development repository added. 24/10/2023 12:21:23 INFO: --- Configuration files --- 24/10/2023 12:21:23 INFO: Generating configuration files. 24/10/2023 12:21:24 INFO: Created wazuh-install-files.tar. It contains the Wazuh cluster key, certificates, and passwords necessary for installation. 24/10/2023 12:21:24 INFO: --- Wazuh indexer --- 24/10/2023 12:21:24 INFO: Starting Wazuh indexer installation. 24/10/2023 12:23:50 INFO: Wazuh indexer installation finished. 24/10/2023 12:23:50 INFO: Wazuh indexer post-install configuration finished. 24/10/2023 12:23:50 INFO: Starting service wazuh-indexer. 24/10/2023 12:24:01 INFO: wazuh-indexer service started. 24/10/2023 12:24:01 INFO: Initializing Wazuh indexer cluster security settings. 24/10/2023 12:24:12 INFO: Wazuh indexer cluster initialized. 24/10/2023 12:24:12 INFO: --- Wazuh server --- 24/10/2023 12:24:12 INFO: Starting the Wazuh manager installation. 24/10/2023 12:25:22 INFO: Wazuh manager installation finished. 24/10/2023 12:25:22 INFO: Starting service wazuh-manager. 24/10/2023 12:25:35 INFO: wazuh-manager service started. 24/10/2023 12:25:35 INFO: Starting Filebeat installation. 24/10/2023 12:25:44 INFO: Filebeat installation finished. 24/10/2023 12:25:45 INFO: Filebeat post-install configuration finished. 24/10/2023 12:25:45 INFO: Starting service filebeat. 24/10/2023 12:25:46 INFO: filebeat service started. 24/10/2023 12:25:46 INFO: --- Wazuh dashboard --- 24/10/2023 12:25:51 INFO: Starting Wazuh dashboard installation. 24/10/2023 12:27:20 INFO: Wazuh dashboard installation finished. 24/10/2023 12:27:20 INFO: Wazuh dashboard post-install configuration finished. 24/10/2023 12:27:20 INFO: Starting service wazuh-dashboard. 24/10/2023 12:27:20 INFO: wazuh-dashboard service started. 24/10/2023 12:27:40 INFO: Initializing Wazuh dashboard web application. 24/10/2023 12:27:40 INFO: Wazuh dashboard web application initialized. 24/10/2023 12:27:40 INFO: --- Summary --- 24/10/2023 12:27:40 INFO: You can access the web interface https://:443 User: admin Password: fHEW9q3Dc?.Gew2g2LYc40Wugan+PU0t 24/10/2023 12:27:40 INFO: Installation finished. ```

Wazuh indexer

```console [root@rocky8 unattended_installer]# bash wazuh-install.sh -i -wi wazuh-indexer -o 24/10/2023 12:31:37 INFO: Starting Wazuh installation assistant. Wazuh version: 4.7.0 24/10/2023 12:31:37 INFO: Verbose logging redirected to /var/log/wazuh-install.log 24/10/2023 12:31:47 WARNING: Hardware and system checks ignored. 24/10/2023 12:31:50 INFO: Wazuh development repository added. 24/10/2023 12:31:50 INFO: --- Wazuh indexer --- 24/10/2023 12:31:50 INFO: Starting Wazuh indexer installation. 24/10/2023 12:34:15 INFO: Wazuh indexer installation finished. 24/10/2023 12:34:15 INFO: Wazuh indexer post-install configuration finished. 24/10/2023 12:34:15 INFO: Starting service wazuh-indexer. 24/10/2023 12:34:24 INFO: wazuh-indexer service started. 24/10/2023 12:34:24 INFO: Initializing Wazuh indexer cluster security settings. 24/10/2023 12:34:26 INFO: Wazuh indexer cluster initialized. 24/10/2023 12:34:26 INFO: Installation finished. ```

Wazuh manager

```console [root@rocky8 unattended_installer]# bash wazuh-install.sh -i -ws wazuh-server -o 24/10/2023 12:35:05 INFO: Starting Wazuh installation assistant. Wazuh version: 4.7.0 24/10/2023 12:35:05 INFO: Verbose logging redirected to /var/log/wazuh-install.log 24/10/2023 12:35:11 INFO: --- Removing existing Wazuh installation --- 24/10/2023 12:35:11 INFO: Installation cleaned. 24/10/2023 12:35:16 WARNING: Hardware and system checks ignored. 24/10/2023 12:35:18 INFO: Wazuh development repository added. 24/10/2023 12:35:18 INFO: --- Wazuh server --- 24/10/2023 12:35:18 INFO: Starting the Wazuh manager installation. 24/10/2023 12:36:31 INFO: Wazuh manager installation finished. 24/10/2023 12:36:31 INFO: Starting service wazuh-manager. 24/10/2023 12:36:44 INFO: wazuh-manager service started. 24/10/2023 12:36:44 INFO: Starting Filebeat installation. 24/10/2023 12:36:52 INFO: Filebeat installation finished. 24/10/2023 12:36:54 INFO: Filebeat post-install configuration finished. 24/10/2023 12:36:59 INFO: Starting service filebeat. 24/10/2023 12:37:00 INFO: filebeat service started. 24/10/2023 12:37:00 INFO: Installation finished. ```

Wazuh dashboard

```console [root@rocky8 unattended_installer]# bash wazuh-install.sh -i -wd wazuh-dashboard -o 24/10/2023 12:37:30 INFO: Starting Wazuh installation assistant. Wazuh version: 4.7.0 24/10/2023 12:37:30 INFO: Verbose logging redirected to /var/log/wazuh-install.log 24/10/2023 12:37:41 WARNING: Hardware and system checks ignored. 24/10/2023 12:37:41 INFO: Wazuh web interface port will be 443. 24/10/2023 12:37:44 INFO: Wazuh development repository added. 24/10/2023 12:37:44 INFO: --- Wazuh dashboard ---- 24/10/2023 12:37:49 INFO: Starting Wazuh dashboard installation. 24/10/2023 12:39:21 INFO: Wazuh dashboard installation finished. 24/10/2023 12:39:21 INFO: Wazuh dashboard post-install configuration finished. 24/10/2023 12:39:21 INFO: Starting service wazuh-dashboard. 24/10/2023 12:39:22 INFO: wazuh-dashboard service started. 24/10/2023 12:40:26 INFO: Initializing Wazuh dashboard web application. 24/10/2023 12:42:27 ERROR: Cannot connect to Wazuh dashboard. 24/10/2023 12:42:52 ERROR: Wazuh indexer security settings not initialized. Please run the installation assistant using -s|--start-cluster in one of the wazuh indexer nodes. 24/10/2023 12:42:52 INFO: If you want to install Wazuh dashboard without waiting for the Wazuh indexer cluster, use the -fd option 24/10/2023 12:42:52 INFO: --- Removing existing Wazuh installation --- 24/10/2023 12:42:52 INFO: Removing Wazuh dashboard. 24/10/2023 12:43:01 INFO: Wazuh dashboard removed. 24/10/2023 12:43:01 INFO: Installation cleaned. ```

Wazuh dashboard port 8080

```console [root@rocky8 unattended_installer]# bash wazuh-install.sh -i -wd wazuh-dashboard -o -p 8080 24/10/2023 12:45:53 INFO: Starting Wazuh installation assistant. Wazuh version: 4.7.0 24/10/2023 12:45:53 INFO: Verbose logging redirected to /var/log/wazuh-install.log 24/10/2023 12:46:04 WARNING: Hardware and system checks ignored. 24/10/2023 12:46:04 INFO: Wazuh web interface port will be 8080. 24/10/2023 12:46:06 INFO: Wazuh development repository added. 24/10/2023 12:46:06 INFO: --- Wazuh dashboard ---- 24/10/2023 12:46:11 INFO: Starting Wazuh dashboard installation. 24/10/2023 12:47:45 INFO: Wazuh dashboard installation finished. 24/10/2023 12:47:45 INFO: Wazuh dashboard post-install configuration finished. 24/10/2023 12:47:45 INFO: Starting service wazuh-dashboard. 24/10/2023 12:47:45 INFO: wazuh-dashboard service started. 24/10/2023 12:48:50 INFO: Initializing Wazuh dashboard web application. 24/10/2023 12:50:50 ERROR: Cannot connect to Wazuh dashboard. 24/10/2023 12:51:16 ERROR: Wazuh indexer security settings not initialized. Please run the installation assistant using -s|--start-cluster in one of the wazuh indexer nodes. 24/10/2023 12:51:16 INFO: If you want to install Wazuh dashboard without waiting for the Wazuh indexer cluster, use the -fd option 24/10/2023 12:51:16 INFO: --- Removing existing Wazuh installation --- 24/10/2023 12:51:16 INFO: Removing Wazuh dashboard. 24/10/2023 12:51:24 INFO: Wazuh dashboard removed. 24/10/2023 12:51:24 INFO: Installation cleaned. ```

[c-bordon]

Update report

Ubuntu Jummy without Firewalld

AIO

```console root@ubuntu22:~/wazuh-packages/unattended_installer# bash wazuh-install.sh -a -o 24/10/2023 13:14:19 INFO: Starting Wazuh installation assistant. Wazuh version: 4.7.0 24/10/2023 13:14:19 INFO: Verbose logging redirected to /var/log/wazuh-install.log 24/10/2023 13:14:25 INFO: --- Removing existing Wazuh installation --- 24/10/2023 13:14:25 INFO: Removing Wazuh manager. 24/10/2023 13:14:33 INFO: Wazuh manager removed. 24/10/2023 13:14:33 INFO: Removing Wazuh indexer. 24/10/2023 13:14:38 INFO: Wazuh indexer removed. 24/10/2023 13:14:38 INFO: Removing Filebeat. 24/10/2023 13:14:42 INFO: Filebeat removed. 24/10/2023 13:14:42 INFO: Wazuh GPG key not found in the system 24/10/2023 13:14:43 INFO: Installation cleaned. 24/10/2023 13:14:47 INFO: Wazuh web interface port will be 443. 24/10/2023 13:14:54 INFO: Wazuh development repository added. 24/10/2023 13:14:54 INFO: --- Configuration files --- 24/10/2023 13:14:54 INFO: Generating configuration files. 24/10/2023 13:14:56 INFO: Created wazuh-install-files.tar. It contains the Wazuh cluster key, certificates, and passwords necessary for installation. 24/10/2023 13:14:56 INFO: --- Wazuh indexer --- 24/10/2023 13:14:56 INFO: Starting Wazuh indexer installation. 24/10/2023 13:15:38 INFO: Wazuh indexer installation finished. 24/10/2023 13:15:38 INFO: Wazuh indexer post-install configuration finished. 24/10/2023 13:15:38 INFO: Starting service wazuh-indexer. 24/10/2023 13:15:48 INFO: wazuh-indexer service started. 24/10/2023 13:15:48 INFO: Initializing Wazuh indexer cluster security settings. 24/10/2023 13:15:59 INFO: Wazuh indexer cluster initialized. 24/10/2023 13:15:59 INFO: --- Wazuh server --- 24/10/2023 13:15:59 INFO: Starting the Wazuh manager installation. 24/10/2023 13:16:41 INFO: Wazuh manager installation finished. 24/10/2023 13:16:41 INFO: Starting service wazuh-manager. 24/10/2023 13:16:57 INFO: wazuh-manager service started. 24/10/2023 13:16:57 INFO: Starting Filebeat installation. 24/10/2023 13:17:04 INFO: Filebeat installation finished. 24/10/2023 13:17:06 INFO: Filebeat post-install configuration finished. 24/10/2023 13:17:06 INFO: Starting service filebeat. 24/10/2023 13:17:07 INFO: filebeat service started. 24/10/2023 13:17:07 INFO: --- Wazuh dashboard --- 24/10/2023 13:17:08 INFO: Starting Wazuh dashboard installation. 24/10/2023 13:17:39 INFO: Wazuh dashboard installation finished. 24/10/2023 13:17:39 INFO: Wazuh dashboard post-install configuration finished. 24/10/2023 13:17:39 INFO: Starting service wazuh-dashboard. 24/10/2023 13:17:40 INFO: wazuh-dashboard service started. 24/10/2023 13:17:58 INFO: Initializing Wazuh dashboard web application. 24/10/2023 13:17:59 INFO: Wazuh dashboard web application initialized. 24/10/2023 13:17:59 INFO: --- Summary --- 24/10/2023 13:17:59 INFO: You can access the web interface https://:443 User: admin Password: HnMTUE.w.IbjxY9h1KwJ9Vepi9*m1ami 24/10/2023 13:17:59 INFO: Installation finished. ```

Wazuh indexer

```console root@ubuntu22:~/wazuh-packages/unattended_installer# bash wazuh-install.sh -wi wazuh-indexer -o 24/10/2023 13:18:21 INFO: Starting Wazuh installation assistant. Wazuh version: 4.7.0 24/10/2023 13:18:21 INFO: Verbose logging redirected to /var/log/wazuh-install.log 24/10/2023 13:18:27 INFO: --- Removing existing Wazuh installation --- 24/10/2023 13:18:27 INFO: Removing Wazuh indexer. 24/10/2023 13:18:34 INFO: Wazuh indexer removed. 24/10/2023 13:18:34 INFO: Installation cleaned. 24/10/2023 13:18:45 INFO: Wazuh development repository added. 24/10/2023 13:18:45 INFO: --- Wazuh indexer --- 24/10/2023 13:18:45 INFO: Starting Wazuh indexer installation. 24/10/2023 13:19:27 INFO: Wazuh indexer installation finished. 24/10/2023 13:19:27 INFO: Wazuh indexer post-install configuration finished. 24/10/2023 13:19:27 INFO: Starting service wazuh-indexer. 24/10/2023 13:19:38 INFO: wazuh-indexer service started. 24/10/2023 13:19:38 INFO: Initializing Wazuh indexer cluster security settings. 24/10/2023 13:19:40 INFO: Wazuh indexer cluster initialized. 24/10/2023 13:19:40 INFO: Installation finished. ```

Wazuh manager

```console root@ubuntu22:~/wazuh-packages/unattended_installer# bash wazuh-install.sh -ws wazuh-server -o 24/10/2023 13:19:54 INFO: Starting Wazuh installation assistant. Wazuh version: 4.7.0 24/10/2023 13:19:54 INFO: Verbose logging redirected to /var/log/wazuh-install.log 24/10/2023 13:20:00 INFO: --- Removing existing Wazuh installation --- 24/10/2023 13:20:00 INFO: Removing Wazuh manager. 24/10/2023 13:20:10 INFO: Wazuh manager removed. 24/10/2023 13:20:10 INFO: Removing Filebeat. 24/10/2023 13:20:14 INFO: Filebeat removed. 24/10/2023 13:20:14 INFO: Installation cleaned. 24/10/2023 13:20:26 INFO: Wazuh development repository added. 24/10/2023 13:20:26 INFO: --- Wazuh server --- 24/10/2023 13:20:26 INFO: Starting the Wazuh manager installation. 24/10/2023 13:21:07 INFO: Wazuh manager installation finished. 24/10/2023 13:21:07 INFO: Starting service wazuh-manager. 24/10/2023 13:21:24 INFO: wazuh-manager service started. 24/10/2023 13:21:24 INFO: Starting Filebeat installation. 24/10/2023 13:21:31 INFO: Filebeat installation finished. 24/10/2023 13:21:33 INFO: Filebeat post-install configuration finished. 24/10/2023 13:21:37 INFO: Starting service filebeat. 24/10/2023 13:21:38 INFO: filebeat service started. 24/10/2023 13:21:38 INFO: Installation finished. ```

Wazuh dashboard

```console root@ubuntu22:~/wazuh-packages/unattended_installer# bash wazuh-install.sh -wd wazuh-dashboard -o 24/10/2023 13:22:00 INFO: Starting Wazuh installation assistant. Wazuh version: 4.7.0 24/10/2023 13:22:00 INFO: Verbose logging redirected to /var/log/wazuh-install.log 24/10/2023 13:22:06 INFO: --- Removing existing Wazuh installation --- 24/10/2023 13:22:06 INFO: Removing Wazuh dashboard. 24/10/2023 13:22:17 INFO: Wazuh dashboard removed. 24/10/2023 13:22:18 INFO: Installation cleaned. 24/10/2023 13:22:22 INFO: Wazuh web interface port will be 443. 24/10/2023 13:22:29 INFO: Wazuh development repository added. 24/10/2023 13:22:29 INFO: --- Wazuh dashboard ---- 24/10/2023 13:22:30 INFO: Starting Wazuh dashboard installation. 24/10/2023 13:23:01 INFO: Wazuh dashboard installation finished. 24/10/2023 13:23:01 INFO: Wazuh dashboard post-install configuration finished. 24/10/2023 13:23:01 INFO: Starting service wazuh-dashboard. 24/10/2023 13:23:02 INFO: wazuh-dashboard service started. 24/10/2023 13:24:06 INFO: Initializing Wazuh dashboard web application. 24/10/2023 13:26:07 ERROR: Cannot connect to Wazuh dashboard. 24/10/2023 13:26:32 ERROR: Wazuh indexer security settings not initialized. Please run the installation assistant using -s|--start-cluster in one of the wazuh indexer nodes. 24/10/2023 13:26:32 INFO: If you want to install Wazuh dashboard without waiting for the Wazuh indexer cluster, use the -fd option 24/10/2023 13:26:32 INFO: --- Removing existing Wazuh installation --- 24/10/2023 13:26:32 INFO: Removing Wazuh dashboard. 24/10/2023 13:26:41 INFO: Wazuh dashboard removed. 24/10/2023 13:26:42 INFO: Installation cleaned. ```

Wazuh dashboard port 8080

```console root@ubuntu22:~/wazuh-packages/unattended_installer# bash wazuh-install.sh -wd wazuh-dashboard -o -p 8080 24/10/2023 13:26:49 INFO: Starting Wazuh installation assistant. Wazuh version: 4.7.0 24/10/2023 13:26:49 INFO: Verbose logging redirected to /var/log/wazuh-install.log 24/10/2023 13:26:58 INFO: Wazuh web interface port will be 8080. 24/10/2023 13:27:06 INFO: Wazuh development repository added. 24/10/2023 13:27:06 INFO: --- Wazuh dashboard ---- 24/10/2023 13:27:07 INFO: Starting Wazuh dashboard installation. 24/10/2023 13:27:37 INFO: Wazuh dashboard installation finished. 24/10/2023 13:27:37 INFO: Wazuh dashboard post-install configuration finished. 24/10/2023 13:27:37 INFO: Starting service wazuh-dashboard. 24/10/2023 13:27:38 INFO: wazuh-dashboard service started. 24/10/2023 13:28:42 INFO: Initializing Wazuh dashboard web application. 24/10/2023 13:30:43 ERROR: Cannot connect to Wazuh dashboard. 24/10/2023 13:31:08 ERROR: Wazuh indexer security settings not initialized. Please run the installation assistant using -s|--start-cluster in one of the wazuh indexer nodes. 24/10/2023 13:31:08 INFO: If you want to install Wazuh dashboard without waiting for the Wazuh indexer cluster, use the -fd option 24/10/2023 13:31:08 INFO: --- Removing existing Wazuh installation --- 24/10/2023 13:31:08 INFO: Removing Wazuh dashboard. 24/10/2023 13:31:17 INFO: Wazuh dashboard removed. 24/10/2023 13:31:17 INFO: Installation cleaned. ```

Installation fails because there is no Wazuh package for version 4.9.0

[c-bordon]

Update report

Ubuntu Jummy with Firewalld

AIO

```console root@ubuntu22:~/wazuh-packages/unattended_installer# bash wazuh-install.sh -a 24/10/2023 12:48:17 INFO: Starting Wazuh installation assistant. Wazuh version: 4.7.0 24/10/2023 12:48:17 INFO: Verbose logging redirected to /var/log/wazuh-install.log 24/10/2023 12:48:26 INFO: Wazuh web interface port will be 443. 24/10/2023 12:48:26 WARNING: The system has Firewalld installed. Please ensure that traffic is allowed on these ports: 1515 1514 443. 24/10/2023 12:48:33 INFO: Wazuh development repository added. 24/10/2023 12:48:33 INFO: --- Configuration files --- 24/10/2023 12:48:33 INFO: Generating configuration files. 24/10/2023 12:48:35 INFO: Created wazuh-install-files.tar. It contains the Wazuh cluster key, certificates, and passwords necessary for installation. 24/10/2023 12:48:35 INFO: --- Wazuh indexer --- 24/10/2023 12:48:35 INFO: Starting Wazuh indexer installation. 24/10/2023 12:50:26 INFO: Wazuh indexer installation finished. 24/10/2023 12:50:26 INFO: Wazuh indexer post-install configuration finished. 24/10/2023 12:50:26 INFO: Starting service wazuh-indexer. 24/10/2023 12:50:35 INFO: wazuh-indexer service started. 24/10/2023 12:50:35 INFO: Initializing Wazuh indexer cluster security settings. 24/10/2023 12:50:45 INFO: Wazuh indexer cluster initialized. 24/10/2023 12:50:45 INFO: --- Wazuh server --- 24/10/2023 12:50:45 INFO: Starting the Wazuh manager installation. 24/10/2023 12:51:47 INFO: Wazuh manager installation finished. 24/10/2023 12:51:47 INFO: Starting service wazuh-manager. 24/10/2023 12:52:03 INFO: wazuh-manager service started. 24/10/2023 12:52:03 INFO: Starting Filebeat installation. 24/10/2023 12:52:15 INFO: Filebeat installation finished. 24/10/2023 12:52:16 INFO: Filebeat post-install configuration finished. 24/10/2023 12:52:16 INFO: Starting service filebeat. 24/10/2023 12:52:17 INFO: filebeat service started. 24/10/2023 12:52:17 INFO: --- Wazuh dashboard --- 24/10/2023 12:52:18 INFO: Starting Wazuh dashboard installation. 24/10/2023 12:53:09 INFO: Wazuh dashboard installation finished. 24/10/2023 12:53:09 INFO: Wazuh dashboard post-install configuration finished. 24/10/2023 12:53:09 INFO: Starting service wazuh-dashboard. 24/10/2023 12:53:09 INFO: wazuh-dashboard service started. 24/10/2023 12:53:28 INFO: Initializing Wazuh dashboard web application. 24/10/2023 12:53:28 INFO: Wazuh dashboard web application initialized. 24/10/2023 12:53:28 INFO: --- Summary --- 24/10/2023 12:53:28 INFO: You can access the web interface https://:443 User: admin Password: VU9Y*2yV0+.zRCUA0tQmNSGt0zXCEK7y 24/10/2023 12:53:28 INFO: Installation finished. ```

Wazuh indexer

```console root@ubuntu22:~/wazuh-packages/unattended_installer# bash wazuh-install.sh -wi wazuh-indexer -o 24/10/2023 12:55:35 INFO: Starting Wazuh installation assistant. Wazuh version: 4.7.0 24/10/2023 12:55:35 INFO: Verbose logging redirected to /var/log/wazuh-install.log 24/10/2023 12:55:40 INFO: --- Removing existing Wazuh installation --- 24/10/2023 12:55:40 INFO: Removing Wazuh indexer. 24/10/2023 12:55:47 INFO: Wazuh indexer removed. 24/10/2023 12:55:47 INFO: Installation cleaned. 24/10/2023 12:55:52 WARNING: The system has Firewalld installed. Please ensure that traffic is allowed on these ports: 9200 9300. 24/10/2023 12:55:59 INFO: Wazuh development repository added. 24/10/2023 12:55:59 INFO: --- Wazuh indexer --- 24/10/2023 12:55:59 INFO: Starting Wazuh indexer installation. 24/10/2023 12:56:42 INFO: Wazuh indexer installation finished. 24/10/2023 12:56:42 INFO: Wazuh indexer post-install configuration finished. 24/10/2023 12:56:42 INFO: Starting service wazuh-indexer. 24/10/2023 12:56:53 INFO: wazuh-indexer service started. 24/10/2023 12:56:53 INFO: Initializing Wazuh indexer cluster security settings. 24/10/2023 12:56:55 INFO: Wazuh indexer cluster initialized. 24/10/2023 12:56:55 INFO: Installation finished. ```

Wazuh manager

```console root@ubuntu22:~/wazuh-packages/unattended_installer# bash wazuh-install.sh -ws wazuh-server -o 24/10/2023 12:57:16 INFO: Starting Wazuh installation assistant. Wazuh version: 4.7.0 24/10/2023 12:57:16 INFO: Verbose logging redirected to /var/log/wazuh-install.log 24/10/2023 12:57:22 INFO: --- Removing existing Wazuh installation --- 24/10/2023 12:57:22 INFO: Removing Wazuh manager. 24/10/2023 12:57:32 INFO: Wazuh manager removed. 24/10/2023 12:57:32 INFO: Removing Filebeat. 24/10/2023 12:57:36 INFO: Filebeat removed. 24/10/2023 12:57:36 INFO: Installation cleaned. 24/10/2023 12:57:41 WARNING: The system has Firewalld installed. Please ensure that traffic is allowed on these ports: 1514 1515 1516 55000. 24/10/2023 12:57:48 INFO: Wazuh development repository added. 24/10/2023 12:57:48 INFO: --- Wazuh server --- 24/10/2023 12:57:48 INFO: Starting the Wazuh manager installation. 24/10/2023 12:58:30 INFO: Wazuh manager installation finished. 24/10/2023 12:58:30 INFO: Starting service wazuh-manager. 24/10/2023 12:58:46 INFO: wazuh-manager service started. 24/10/2023 12:58:46 INFO: Starting Filebeat installation. 24/10/2023 12:58:52 INFO: Filebeat installation finished. 24/10/2023 12:58:54 INFO: Filebeat post-install configuration finished. 24/10/2023 12:58:58 INFO: Starting service filebeat. 24/10/2023 12:58:59 INFO: filebeat service started. 24/10/2023 12:58:59 INFO: Installation finished. ```

Wazuh dashboard

```console root@ubuntu22:~/wazuh-packages/unattended_installer# bash wazuh-install.sh -wd wazuh-dashboard -o 24/10/2023 13:00:16 INFO: Starting Wazuh installation assistant. Wazuh version: 4.7.0 24/10/2023 13:00:16 INFO: Verbose logging redirected to /var/log/wazuh-install.log 24/10/2023 13:00:25 INFO: --- Removing existing Wazuh installation --- 24/10/2023 13:00:25 INFO: Removing Wazuh dashboard. 24/10/2023 13:00:36 INFO: Wazuh dashboard removed. 24/10/2023 13:00:36 INFO: Installation cleaned. 24/10/2023 13:00:41 INFO: Wazuh web interface port will be 443. 24/10/2023 13:00:41 WARNING: The system has Firewalld installed. Please ensure that traffic is allowed on this port: 443. 24/10/2023 13:00:49 INFO: Wazuh development repository added. 24/10/2023 13:00:49 INFO: --- Wazuh dashboard ---- 24/10/2023 13:00:50 INFO: Starting Wazuh dashboard installation. 24/10/2023 13:01:24 INFO: Wazuh dashboard installation finished. 24/10/2023 13:01:24 INFO: Wazuh dashboard post-install configuration finished. 24/10/2023 13:01:24 INFO: Starting service wazuh-dashboard. 24/10/2023 13:01:24 INFO: wazuh-dashboard service started. 24/10/2023 13:02:29 INFO: Initializing Wazuh dashboard web application. 24/10/2023 13:04:30 ERROR: Cannot connect to Wazuh dashboard. 24/10/2023 13:04:55 ERROR: Wazuh indexer security settings not initialized. Please run the installation assistant using -s|--start-cluster in one of the wazuh indexer nodes. 24/10/2023 13:04:55 INFO: If you want to install Wazuh dashboard without waiting for the Wazuh indexer cluster, use the -fd option 24/10/2023 13:04:55 INFO: --- Removing existing Wazuh installation --- 24/10/2023 13:04:55 INFO: Removing Wazuh dashboard. 24/10/2023 13:05:04 INFO: Wazuh dashboard removed. 24/10/2023 13:05:04 INFO: Installation cleaned. ```

Wazuh dashboard port 8080

```console root@ubuntu22:~/wazuh-packages/unattended_installer# bash wazuh-install.sh -wd wazuh-dashboard -p 8080 -o 24/10/2023 13:05:13 INFO: Starting Wazuh installation assistant. Wazuh version: 4.7.0 24/10/2023 13:05:13 INFO: Verbose logging redirected to /var/log/wazuh-install.log 24/10/2023 13:05:23 INFO: Wazuh web interface port will be 8080. 24/10/2023 13:05:23 WARNING: The system has Firewalld installed. Please ensure that traffic is allowed on this port: 8080. 24/10/2023 13:05:30 INFO: Wazuh development repository added. 24/10/2023 13:05:31 INFO: --- Wazuh dashboard ---- 24/10/2023 13:05:32 INFO: Starting Wazuh dashboard installation. 24/10/2023 13:06:03 INFO: Wazuh dashboard installation finished. 24/10/2023 13:06:03 INFO: Wazuh dashboard post-install configuration finished. 24/10/2023 13:06:03 INFO: Starting service wazuh-dashboard. 24/10/2023 13:06:03 INFO: wazuh-dashboard service started. 24/10/2023 13:07:07 INFO: Initializing Wazuh dashboard web application. 24/10/2023 13:09:08 ERROR: Cannot connect to Wazuh dashboard. 24/10/2023 13:09:33 ERROR: Wazuh indexer security settings not initialized. Please run the installation assistant using -s|--start-cluster in one of the wazuh indexer nodes. 24/10/2023 13:09:33 INFO: If you want to install Wazuh dashboard without waiting for the Wazuh indexer cluster, use the -fd option 24/10/2023 13:09:33 INFO: --- Removing existing Wazuh installation --- 24/10/2023 13:09:33 INFO: Removing Wazuh dashboard. 24/10/2023 13:09:42 INFO: Wazuh dashboard removed. 24/10/2023 13:09:43 INFO: Installation cleaned. ```

[c-bordon]

Ubuntu Jammy tests

OS

```console root@ubuntu22:~/wazuh-packages/unattended_installer# cat /etc/*release DISTRIB_ID=Ubuntu DISTRIB_RELEASE=22.04 DISTRIB_CODENAME=jammy DISTRIB_DESCRIPTION="Ubuntu 22.04 LTS" PRETTY_NAME="Ubuntu 22.04 LTS" NAME="Ubuntu" VERSION_ID="22.04" VERSION="22.04 LTS (Jammy Jellyfish)" VERSION_CODENAME=jammy ID=ubuntu ID_LIKE=debian HOME_URL="https://www.ubuntu.com/" SUPPORT_URL="https://help.ubuntu.com/" BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/" PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy" UBUNTU_CODENAME=jammy ```

UFW enable

```console root@ubuntu22:~/wazuh-packages/unattended_installer# ufw status Status: active root@ubuntu22:~/wazuh-packages/unattended_installer# bash wazuh-install.sh -a -o 24/10/2023 15:12:22 INFO: Starting Wazuh installation assistant. Wazuh version: 4.7.0 24/10/2023 15:12:22 INFO: Verbose logging redirected to /var/log/wazuh-install.log 24/10/2023 15:12:28 INFO: --- Removing existing Wazuh installation --- 24/10/2023 15:12:28 INFO: Removing Wazuh manager. 24/10/2023 15:12:38 INFO: Wazuh manager removed. 24/10/2023 15:12:38 INFO: Removing Wazuh indexer. 24/10/2023 15:12:44 INFO: Wazuh indexer removed. 24/10/2023 15:12:44 INFO: Removing Filebeat. 24/10/2023 15:12:48 INFO: Filebeat removed. 24/10/2023 15:12:48 INFO: Removing Wazuh dashboard. 24/10/2023 15:12:56 INFO: Wazuh dashboard removed. 24/10/2023 15:12:57 INFO: Installation cleaned. 24/10/2023 15:13:01 INFO: Wazuh web interface port will be 443. 24/10/2023 15:13:02 WARNING: The system has UFW installed. Please ensure that traffic is allowed on these ports: 1515 1514 443. 24/10/2023 15:13:09 INFO: Wazuh development repository added. 24/10/2023 15:13:09 INFO: --- Configuration files --- 24/10/2023 15:13:09 INFO: Generating configuration files. 24/10/2023 15:13:10 INFO: Created wazuh-install-files.tar. It contains the Wazuh cluster key, certificates, and passwords necessary for installation. 24/10/2023 15:13:10 INFO: --- Wazuh indexer --- 24/10/2023 15:13:10 INFO: Starting Wazuh indexer installation. 24/10/2023 15:13:54 INFO: Wazuh indexer installation finished. 24/10/2023 15:13:54 INFO: Wazuh indexer post-install configuration finished. 24/10/2023 15:13:54 INFO: Starting service wazuh-indexer. 24/10/2023 15:14:04 INFO: wazuh-indexer service started. 24/10/2023 15:14:04 INFO: Initializing Wazuh indexer cluster security settings. 24/10/2023 15:14:14 INFO: Wazuh indexer cluster initialized. 24/10/2023 15:14:14 INFO: --- Wazuh server --- 24/10/2023 15:14:14 INFO: Starting the Wazuh manager installation. 24/10/2023 15:14:56 INFO: Wazuh manager installation finished. 24/10/2023 15:14:56 INFO: Starting service wazuh-manager. 24/10/2023 15:15:12 INFO: wazuh-manager service started. 24/10/2023 15:15:12 INFO: Starting Filebeat installation. 24/10/2023 15:15:18 INFO: Filebeat installation finished. 24/10/2023 15:15:20 INFO: Filebeat post-install configuration finished. 24/10/2023 15:15:20 INFO: Starting service filebeat. 24/10/2023 15:15:21 INFO: filebeat service started. 24/10/2023 15:15:21 INFO: --- Wazuh dashboard --- 24/10/2023 15:15:22 INFO: Starting Wazuh dashboard installation. 24/10/2023 15:15:57 INFO: Wazuh dashboard installation finished. 24/10/2023 15:15:57 INFO: Wazuh dashboard post-install configuration finished. 24/10/2023 15:15:58 INFO: Starting service wazuh-dashboard. 24/10/2023 15:15:58 INFO: wazuh-dashboard service started. 24/10/2023 15:16:17 INFO: Initializing Wazuh dashboard web application. 24/10/2023 15:16:17 INFO: Wazuh dashboard web application initialized. 24/10/2023 15:16:17 INFO: --- Summary --- 24/10/2023 15:16:17 INFO: You can access the web interface https://:443 User: admin Password: 3Uun*7?j7c1Sqv*Z9kcckyFmKXzbIr3b 24/10/2023 15:16:17 INFO: Installation finished. ```

UFW disable

```console root@ubuntu22:~/wazuh-packages/unattended_installer# ufw status Status: inactive root@ubuntu22:~/wazuh-packages/unattended_installer# bash wazuh-install.sh -a 24/10/2023 15:00:23 INFO: Starting Wazuh installation assistant. Wazuh version: 4.7.0 24/10/2023 15:00:23 INFO: Verbose logging redirected to /var/log/wazuh-install.log 24/10/2023 15:00:45 INFO: Wazuh web interface port will be 443. 24/10/2023 15:00:48 INFO: --- Dependencies ---- 24/10/2023 15:00:48 INFO: Installing apt-transport-https. 24/10/2023 15:00:57 INFO: Wazuh development repository added. 24/10/2023 15:00:57 INFO: --- Configuration files --- 24/10/2023 15:00:57 INFO: Generating configuration files. 24/10/2023 15:00:59 INFO: Created wazuh-install-files.tar. It contains the Wazuh cluster key, certificates, and passwords necessary for installation. 24/10/2023 15:00:59 INFO: --- Wazuh indexer --- 24/10/2023 15:00:59 INFO: Starting Wazuh indexer installation. 24/10/2023 15:03:30 INFO: Wazuh indexer installation finished. 24/10/2023 15:03:30 INFO: Wazuh indexer post-install configuration finished. 24/10/2023 15:03:30 INFO: Starting service wazuh-indexer. 24/10/2023 15:03:41 INFO: wazuh-indexer service started. 24/10/2023 15:03:41 INFO: Initializing Wazuh indexer cluster security settings. 24/10/2023 15:03:51 INFO: Wazuh indexer cluster initialized. 24/10/2023 15:03:51 INFO: --- Wazuh server --- 24/10/2023 15:03:51 INFO: Starting the Wazuh manager installation. 24/10/2023 15:04:54 INFO: Wazuh manager installation finished. 24/10/2023 15:04:54 INFO: Starting service wazuh-manager. 24/10/2023 15:05:10 INFO: wazuh-manager service started. 24/10/2023 15:05:10 INFO: Starting Filebeat installation. 24/10/2023 15:05:21 INFO: Filebeat installation finished. 24/10/2023 15:05:23 INFO: Filebeat post-install configuration finished. 24/10/2023 15:05:23 INFO: Starting service filebeat. 24/10/2023 15:05:24 INFO: filebeat service started. 24/10/2023 15:05:24 INFO: --- Wazuh dashboard --- 24/10/2023 15:05:25 INFO: Installing chrome. 24/10/2023 15:06:54 INFO: --- Dependencies ---- 24/10/2023 15:06:54 INFO: Installing libnss3-dev. 24/10/2023 15:07:02 INFO: Starting Wazuh dashboard installation. 24/10/2023 15:07:56 INFO: Wazuh dashboard installation finished. 24/10/2023 15:07:56 INFO: Wazuh dashboard post-install configuration finished. 24/10/2023 15:07:56 INFO: Starting service wazuh-dashboard. 24/10/2023 15:07:57 INFO: wazuh-dashboard service started. 24/10/2023 15:08:17 INFO: Initializing Wazuh dashboard web application. 24/10/2023 15:08:18 INFO: Wazuh dashboard web application initialized. 24/10/2023 15:08:18 INFO: --- Summary --- 24/10/2023 15:08:18 INFO: You can access the web interface https://:443 User: admin Password: YqQXS.+.j?.bUi*eeDR?w6*dwALq5Wo7 24/10/2023 15:08:18 INFO: Installation finished. ```

UFW uninstalled

```console root@ubuntu22:~/wazuh-packages/unattended_installer# apt list --installed | grep ufw WARNING: apt does not have a stable CLI interface. Use with caution in scripts. root@ubuntu22:~/wazuh-packages/unattended_installer# bash wazuh-install.sh -a -o 24/10/2023 15:17:37 INFO: Starting Wazuh installation assistant. Wazuh version: 4.7.0 24/10/2023 15:17:37 INFO: Verbose logging redirected to /var/log/wazuh-install.log 24/10/2023 15:17:42 INFO: --- Removing existing Wazuh installation --- 24/10/2023 15:17:42 INFO: Removing Wazuh manager. 24/10/2023 15:17:52 INFO: Wazuh manager removed. 24/10/2023 15:17:52 INFO: Removing Wazuh indexer. 24/10/2023 15:17:58 INFO: Wazuh indexer removed. 24/10/2023 15:17:58 INFO: Removing Filebeat. 24/10/2023 15:18:02 INFO: Filebeat removed. 24/10/2023 15:18:02 INFO: Removing Wazuh dashboard. 24/10/2023 15:18:10 INFO: Wazuh dashboard removed. 24/10/2023 15:18:11 INFO: Installation cleaned. 24/10/2023 15:18:15 INFO: Wazuh web interface port will be 443. 24/10/2023 15:18:23 INFO: Wazuh development repository added. 24/10/2023 15:18:23 INFO: --- Configuration files --- 24/10/2023 15:18:23 INFO: Generating configuration files. 24/10/2023 15:18:24 INFO: Created wazuh-install-files.tar. It contains the Wazuh cluster key, certificates, and passwords necessary for installation. 24/10/2023 15:18:25 INFO: --- Wazuh indexer --- 24/10/2023 15:18:25 INFO: Starting Wazuh indexer installation. 24/10/2023 15:19:10 INFO: Wazuh indexer installation finished. 24/10/2023 15:19:10 INFO: Wazuh indexer post-install configuration finished. 24/10/2023 15:19:10 INFO: Starting service wazuh-indexer. 24/10/2023 15:19:23 INFO: wazuh-indexer service started. 24/10/2023 15:19:23 INFO: Initializing Wazuh indexer cluster security settings. 24/10/2023 15:19:34 INFO: Wazuh indexer cluster initialized. 24/10/2023 15:19:34 INFO: --- Wazuh server --- 24/10/2023 15:19:34 INFO: Starting the Wazuh manager installation. 24/10/2023 15:20:17 INFO: Wazuh manager installation finished. 24/10/2023 15:20:17 INFO: Starting service wazuh-manager. 24/10/2023 15:20:33 INFO: wazuh-manager service started. 24/10/2023 15:20:33 INFO: Starting Filebeat installation. 24/10/2023 15:20:40 INFO: Filebeat installation finished. 24/10/2023 15:20:42 INFO: Filebeat post-install configuration finished. 24/10/2023 15:20:42 INFO: Starting service filebeat. 24/10/2023 15:20:43 INFO: filebeat service started. 24/10/2023 15:20:43 INFO: --- Wazuh dashboard --- 24/10/2023 15:20:44 INFO: Starting Wazuh dashboard installation. 24/10/2023 15:21:18 INFO: Wazuh dashboard installation finished. 24/10/2023 15:21:18 INFO: Wazuh dashboard post-install configuration finished. 24/10/2023 15:21:18 INFO: Starting service wazuh-dashboard. 24/10/2023 15:21:19 INFO: wazuh-dashboard service started. 24/10/2023 15:21:39 INFO: Initializing Wazuh dashboard web application. 24/10/2023 15:21:39 INFO: Wazuh dashboard web application initialized. 24/10/2023 15:21:39 INFO: --- Summary --- 24/10/2023 15:21:39 INFO: You can access the web interface https://:443 User: admin Password: k.+Pn63poxLQGlPPnUJ3fINxNBq?4tEw 24/10/2023 15:21:39 INFO: Installation finished. ```

Firewalld enable

```console root@ubuntu22:~/wazuh-packages/unattended_installer# firewall-cmd --state running root@ubuntu22:~/wazuh-packages/unattended_installer# bash wazuh-install.sh -a -o 24/10/2023 15:23:35 INFO: Starting Wazuh installation assistant. Wazuh version: 4.7.0 24/10/2023 15:23:35 INFO: Verbose logging redirected to /var/log/wazuh-install.log 24/10/2023 15:23:40 INFO: --- Removing existing Wazuh installation --- 24/10/2023 15:23:40 INFO: Removing Wazuh manager. 24/10/2023 15:23:50 INFO: Wazuh manager removed. 24/10/2023 15:23:50 INFO: Removing Wazuh indexer. 24/10/2023 15:23:57 INFO: Wazuh indexer removed. 24/10/2023 15:23:57 INFO: Removing Filebeat. 24/10/2023 15:24:02 INFO: Filebeat removed. 24/10/2023 15:24:02 INFO: Removing Wazuh dashboard. 24/10/2023 15:24:10 INFO: Wazuh dashboard removed. 24/10/2023 15:24:10 INFO: Installation cleaned. 24/10/2023 15:24:15 INFO: Wazuh web interface port will be 443. 24/10/2023 15:24:15 WARNING: The system has Firewalld installed. Please ensure that traffic is allowed on these ports: 1515 1514 443. 24/10/2023 15:24:23 INFO: Wazuh development repository added. 24/10/2023 15:24:23 INFO: --- Configuration files --- 24/10/2023 15:24:23 INFO: Generating configuration files. 24/10/2023 15:24:24 INFO: Created wazuh-install-files.tar. It contains the Wazuh cluster key, certificates, and passwords necessary for installation. 24/10/2023 15:24:24 INFO: --- Wazuh indexer --- 24/10/2023 15:24:24 INFO: Starting Wazuh indexer installation. 24/10/2023 15:25:10 INFO: Wazuh indexer installation finished. 24/10/2023 15:25:10 INFO: Wazuh indexer post-install configuration finished. 24/10/2023 15:25:10 INFO: Starting service wazuh-indexer. 24/10/2023 15:25:22 INFO: wazuh-indexer service started. 24/10/2023 15:25:22 INFO: Initializing Wazuh indexer cluster security settings. 24/10/2023 15:25:33 INFO: Wazuh indexer cluster initialized. 24/10/2023 15:25:33 INFO: --- Wazuh server --- 24/10/2023 15:25:33 INFO: Starting the Wazuh manager installation. 24/10/2023 15:26:24 INFO: Wazuh manager installation finished. 24/10/2023 15:26:24 INFO: Starting service wazuh-manager. 24/10/2023 15:26:41 INFO: wazuh-manager service started. 24/10/2023 15:26:41 INFO: Starting Filebeat installation. 24/10/2023 15:26:49 INFO: Filebeat installation finished. 24/10/2023 15:26:51 INFO: Filebeat post-install configuration finished. 24/10/2023 15:26:51 INFO: Starting service filebeat. 24/10/2023 15:26:52 INFO: filebeat service started. 24/10/2023 15:26:52 INFO: --- Wazuh dashboard --- 24/10/2023 15:26:53 INFO: Starting Wazuh dashboard installation. 24/10/2023 15:27:28 INFO: Wazuh dashboard installation finished. 24/10/2023 15:27:28 INFO: Wazuh dashboard post-install configuration finished. 24/10/2023 15:27:28 INFO: Starting service wazuh-dashboard. 24/10/2023 15:27:29 INFO: wazuh-dashboard service started. 24/10/2023 15:27:49 INFO: Initializing Wazuh dashboard web application. 24/10/2023 15:27:49 INFO: Wazuh dashboard web application initialized. 24/10/2023 15:27:49 INFO: --- Summary --- 24/10/2023 15:27:49 INFO: You can access the web interface https://:443 User: admin Password: ?8octUcJr.Ytu1+pgZjljWK.BSRZA3+N 24/10/2023 15:27:49 INFO: Installation finished. ```

Firewalld disable

```console root@ubuntu22:~/wazuh-packages/unattended_installer# firewall-cmd --state not running root@ubuntu22:~/wazuh-packages/unattended_installer# bash wazuh-install.sh -a -o 24/10/2023 15:29:02 INFO: Starting Wazuh installation assistant. Wazuh version: 4.7.0 24/10/2023 15:29:02 INFO: Verbose logging redirected to /var/log/wazuh-install.log 24/10/2023 15:29:09 INFO: --- Removing existing Wazuh installation --- 24/10/2023 15:29:09 INFO: Removing Wazuh manager. 24/10/2023 15:29:20 INFO: Wazuh manager removed. 24/10/2023 15:29:20 INFO: Removing Wazuh indexer. 24/10/2023 15:29:26 INFO: Wazuh indexer removed. 24/10/2023 15:29:26 INFO: Removing Filebeat. 24/10/2023 15:29:31 INFO: Filebeat removed. 24/10/2023 15:29:31 INFO: Removing Wazuh dashboard. 24/10/2023 15:29:39 INFO: Wazuh dashboard removed. 24/10/2023 15:29:39 INFO: Installation cleaned. 24/10/2023 15:29:44 INFO: Wazuh web interface port will be 443. 24/10/2023 15:29:52 INFO: Wazuh development repository added. 24/10/2023 15:29:52 INFO: --- Configuration files --- 24/10/2023 15:29:52 INFO: Generating configuration files. 24/10/2023 15:29:54 INFO: Created wazuh-install-files.tar. It contains the Wazuh cluster key, certificates, and passwords necessary for installation. 24/10/2023 15:29:54 INFO: --- Wazuh indexer --- 24/10/2023 15:29:55 INFO: Starting Wazuh indexer installation. 24/10/2023 15:30:45 INFO: Wazuh indexer installation finished. 24/10/2023 15:30:45 INFO: Wazuh indexer post-install configuration finished. 24/10/2023 15:30:45 INFO: Starting service wazuh-indexer. 24/10/2023 15:30:56 INFO: wazuh-indexer service started. 24/10/2023 15:30:56 INFO: Initializing Wazuh indexer cluster security settings. 24/10/2023 15:31:07 INFO: Wazuh indexer cluster initialized. 24/10/2023 15:31:07 INFO: --- Wazuh server --- 24/10/2023 15:31:07 INFO: Starting the Wazuh manager installation. 24/10/2023 15:31:55 INFO: Wazuh manager installation finished. 24/10/2023 15:31:55 INFO: Starting service wazuh-manager. 24/10/2023 15:32:12 INFO: wazuh-manager service started. 24/10/2023 15:32:12 INFO: Starting Filebeat installation. 24/10/2023 15:32:19 INFO: Filebeat installation finished. 24/10/2023 15:32:22 INFO: Filebeat post-install configuration finished. 24/10/2023 15:32:22 INFO: Starting service filebeat. 24/10/2023 15:32:23 INFO: filebeat service started. 24/10/2023 15:32:23 INFO: --- Wazuh dashboard --- 24/10/2023 15:32:24 INFO: Starting Wazuh dashboard installation. 24/10/2023 15:32:58 INFO: Wazuh dashboard installation finished. 24/10/2023 15:32:58 INFO: Wazuh dashboard post-install configuration finished. 24/10/2023 15:32:58 INFO: Starting service wazuh-dashboard. 24/10/2023 15:32:59 INFO: wazuh-dashboard service started. 24/10/2023 15:33:20 INFO: Initializing Wazuh dashboard web application. 24/10/2023 15:33:21 INFO: Wazuh dashboard web application initialized. 24/10/2023 15:33:21 INFO: --- Summary --- 24/10/2023 15:33:21 INFO: You can access the web interface https://:443 User: admin Password: pWhvUoAqBsarZRNppfPqBFuTQsskF.8? 24/10/2023 15:33:21 INFO: Installation finished. ```

Firewalld uninstalled

```console root@ubuntu22:~/wazuh-packages/unattended_installer# apt list --installed | grep firewalld WARNING: apt does not have a stable CLI interface. Use with caution in scripts. root@ubuntu22:~/wazuh-packages/unattended_installer# bash wazuh-install.sh -a -o 24/10/2023 15:34:48 INFO: Starting Wazuh installation assistant. Wazuh version: 4.7.0 24/10/2023 15:34:48 INFO: Verbose logging redirected to /var/log/wazuh-install.log 24/10/2023 15:34:55 INFO: --- Removing existing Wazuh installation --- 24/10/2023 15:34:55 INFO: Removing Wazuh manager. 24/10/2023 15:35:07 INFO: Wazuh manager removed. 24/10/2023 15:35:07 INFO: Removing Wazuh indexer. 24/10/2023 15:35:13 INFO: Wazuh indexer removed. 24/10/2023 15:35:13 INFO: Removing Filebeat. 24/10/2023 15:35:18 INFO: Filebeat removed. 24/10/2023 15:35:18 INFO: Removing Wazuh dashboard. 24/10/2023 15:35:27 INFO: Wazuh dashboard removed. 24/10/2023 15:35:27 INFO: Installation cleaned. 24/10/2023 15:35:32 INFO: Wazuh web interface port will be 443. 24/10/2023 15:35:39 INFO: Wazuh development repository added. 24/10/2023 15:35:39 INFO: --- Configuration files --- 24/10/2023 15:35:39 INFO: Generating configuration files. 24/10/2023 15:35:41 INFO: Created wazuh-install-files.tar. It contains the Wazuh cluster key, certificates, and passwords necessary for installation. 24/10/2023 15:35:41 INFO: --- Wazuh indexer --- 24/10/2023 15:35:41 INFO: Starting Wazuh indexer installation. 24/10/2023 15:36:30 INFO: Wazuh indexer installation finished. 24/10/2023 15:36:30 INFO: Wazuh indexer post-install configuration finished. 24/10/2023 15:36:30 INFO: Starting service wazuh-indexer. 24/10/2023 15:36:40 INFO: wazuh-indexer service started. 24/10/2023 15:36:40 INFO: Initializing Wazuh indexer cluster security settings. 24/10/2023 15:36:52 INFO: Wazuh indexer cluster initialized. 24/10/2023 15:36:52 INFO: --- Wazuh server --- 24/10/2023 15:36:52 INFO: Starting the Wazuh manager installation. 24/10/2023 15:37:37 INFO: Wazuh manager installation finished. 24/10/2023 15:37:37 INFO: Starting service wazuh-manager. 24/10/2023 15:37:52 INFO: wazuh-manager service started. 24/10/2023 15:37:52 INFO: Starting Filebeat installation. 24/10/2023 15:37:59 INFO: Filebeat installation finished. 24/10/2023 15:38:02 INFO: Filebeat post-install configuration finished. 24/10/2023 15:38:02 INFO: Starting service filebeat. 24/10/2023 15:38:03 INFO: filebeat service started. 24/10/2023 15:38:03 INFO: --- Wazuh dashboard --- 24/10/2023 15:38:04 INFO: Starting Wazuh dashboard installation. 24/10/2023 15:38:37 INFO: Wazuh dashboard installation finished. 24/10/2023 15:38:37 INFO: Wazuh dashboard post-install configuration finished. 24/10/2023 15:38:37 INFO: Starting service wazuh-dashboard. 24/10/2023 15:38:38 INFO: wazuh-dashboard service started. 24/10/2023 15:38:57 INFO: Initializing Wazuh dashboard web application. 24/10/2023 15:38:58 INFO: Wazuh dashboard web application initialized. 24/10/2023 15:38:58 INFO: --- Summary --- 24/10/2023 15:38:58 INFO: You can access the web interface https://:443 User: admin Password: jKHR+51n.iAm57+qTPRTNyIsoI3bkWR2 24/10/2023 15:38:58 INFO: Installation finished. ```

Firewalld and UFW enabled

```console root@ubuntu22:~/wazuh-packages/unattended_installer# ufw enable Command may disrupt existing ssh connections. Proceed with operation (y|n)? y Firewall is active and enabled on system startup root@ubuntu22:~/wazuh-packages/unattended_installer# firewall-cmd --state running root@ubuntu22:~/wazuh-packages/unattended_installer# bash wazuh-install.sh -a -o 24/10/2023 15:40:30 INFO: Starting Wazuh installation assistant. Wazuh version: 4.7.0 24/10/2023 15:40:30 INFO: Verbose logging redirected to /var/log/wazuh-install.log 24/10/2023 15:40:37 INFO: --- Removing existing Wazuh installation --- 24/10/2023 15:40:37 INFO: Removing Wazuh manager. 24/10/2023 15:40:46 INFO: Wazuh manager removed. 24/10/2023 15:40:46 INFO: Removing Wazuh indexer. 24/10/2023 15:40:52 INFO: Wazuh indexer removed. 24/10/2023 15:40:52 INFO: Removing Filebeat. 24/10/2023 15:40:56 INFO: Filebeat removed. 24/10/2023 15:40:56 INFO: Removing Wazuh dashboard. 24/10/2023 15:41:05 INFO: Wazuh dashboard removed. 24/10/2023 15:41:05 INFO: Installation cleaned. 24/10/2023 15:41:10 INFO: Wazuh web interface port will be 443. 24/10/2023 15:41:10 WARNING: The system has Firewalld installed. Please ensure that traffic is allowed on these ports: 1515 1514 443. 24/10/2023 15:41:10 WARNING: The system has UFW installed. Please ensure that traffic is allowed on these ports: 1515 1514 443. 24/10/2023 15:41:17 INFO: Wazuh development repository added. 24/10/2023 15:41:17 INFO: --- Configuration files --- 24/10/2023 15:41:17 INFO: Generating configuration files. 24/10/2023 15:41:19 INFO: Created wazuh-install-files.tar. It contains the Wazuh cluster key, certificates, and passwords necessary for installation. 24/10/2023 15:41:19 INFO: --- Wazuh indexer --- 24/10/2023 15:41:19 INFO: Starting Wazuh indexer installation. 24/10/2023 15:42:02 INFO: Wazuh indexer installation finished. 24/10/2023 15:42:02 INFO: Wazuh indexer post-install configuration finished. 24/10/2023 15:42:02 INFO: Starting service wazuh-indexer. 24/10/2023 15:42:15 INFO: wazuh-indexer service started. 24/10/2023 15:42:15 INFO: Initializing Wazuh indexer cluster security settings. 24/10/2023 15:42:25 INFO: Wazuh indexer cluster initialized. 24/10/2023 15:42:25 INFO: --- Wazuh server --- 24/10/2023 15:42:25 INFO: Starting the Wazuh manager installation. 24/10/2023 15:43:11 INFO: Wazuh manager installation finished. 24/10/2023 15:43:11 INFO: Starting service wazuh-manager. 24/10/2023 15:43:26 INFO: wazuh-manager service started. 24/10/2023 15:43:26 INFO: Starting Filebeat installation. 24/10/2023 15:43:34 INFO: Filebeat installation finished. 24/10/2023 15:43:36 INFO: Filebeat post-install configuration finished. 24/10/2023 15:43:36 INFO: Starting service filebeat. 24/10/2023 15:43:37 INFO: filebeat service started. 24/10/2023 15:43:37 INFO: --- Wazuh dashboard --- 24/10/2023 15:43:38 INFO: Starting Wazuh dashboard installation. 24/10/2023 15:44:13 INFO: Wazuh dashboard installation finished. 24/10/2023 15:44:13 INFO: Wazuh dashboard post-install configuration finished. 24/10/2023 15:44:13 INFO: Starting service wazuh-dashboard. 24/10/2023 15:44:14 INFO: wazuh-dashboard service started. 24/10/2023 15:44:34 INFO: Initializing Wazuh dashboard web application. 24/10/2023 15:44:34 INFO: Wazuh dashboard web application initialized. 24/10/2023 15:44:34 INFO: --- Summary --- 24/10/2023 15:44:34 INFO: You can access the web interface https://:443 User: admin Password: *QLJ+Pl0XNWgLOLtT?43*zye*Ur2fF80 24/10/2023 15:44:34 INFO: Installation finished ```

[c-bordon]

Rocky Linux 8 tests

OS

```console [root@rocky8 unattended_installer]# cat /etc/*release Rocky Linux release 8.8 (Green Obsidian) NAME="Rocky Linux" VERSION="8.8 (Green Obsidian)" ID="rocky" ID_LIKE="rhel centos fedora" VERSION_ID="8.8" PLATFORM_ID="platform:el8" PRETTY_NAME="Rocky Linux 8.8 (Green Obsidian)" ANSI_COLOR="0;32" LOGO="fedora-logo-icon" CPE_NAME="cpe:/o:rocky:rocky:8:GA" HOME_URL="https://rockylinux.org/" BUG_REPORT_URL="https://bugs.rockylinux.org/" SUPPORT_END="2029-05-31" ROCKY_SUPPORT_PRODUCT="Rocky-Linux-8" ROCKY_SUPPORT_PRODUCT_VERSION="8.8" REDHAT_SUPPORT_PRODUCT="Rocky Linux" REDHAT_SUPPORT_PRODUCT_VERSION="8.8" Rocky Linux release 8.8 (Green Obsidian) Rocky Linux release 8.8 (Green Obsidian) Rocky Linux release 8.8 (Green Obsidian) ```

UFW enable

```console [root@rocky8 unattended_installer]# ufw status Status: active To Action From -- ------ ---- SSH ALLOW Anywhere 224.0.0.251 mDNS ALLOW Anywhere SSH (v6) ALLOW Anywhere (v6) ff02::fb mDNS ALLOW Anywhere (v6) [root@rocky8 unattended_installer]# bash wazuh-install.sh -a -i -o 24/10/2023 15:33:01 INFO: Starting Wazuh installation assistant. Wazuh version: 4.7.0 24/10/2023 15:33:01 INFO: Verbose logging redirected to /var/log/wazuh-install.log 24/10/2023 15:33:10 INFO: --- Removing existing Wazuh installation --- 24/10/2023 15:33:10 INFO: Removing Wazuh manager. 24/10/2023 15:33:35 INFO: Wazuh manager removed. 24/10/2023 15:33:35 INFO: Removing Wazuh indexer. 24/10/2023 15:33:36 INFO: Wazuh indexer removed. 24/10/2023 15:33:36 INFO: Removing Filebeat. 24/10/2023 15:33:37 INFO: Filebeat removed. 24/10/2023 15:33:37 INFO: Removing Wazuh dashboard. 24/10/2023 15:33:46 INFO: Wazuh dashboard removed. 24/10/2023 15:33:46 INFO: Installation cleaned. 24/10/2023 15:33:51 WARNING: Hardware and system checks ignored. 24/10/2023 15:33:51 INFO: Wazuh web interface port will be 443. 24/10/2023 15:33:52 WARNING: The system has UFW installed. Please ensure that traffic is allowed on these ports: 1515 1514 443. 24/10/2023 15:33:54 INFO: Wazuh development repository added. 24/10/2023 15:33:54 INFO: --- Configuration files --- 24/10/2023 15:33:54 INFO: Generating configuration files. 24/10/2023 15:33:55 INFO: Created wazuh-install-files.tar. It contains the Wazuh cluster key, certificates, and passwords necessary for installation. 24/10/2023 15:33:55 INFO: --- Wazuh indexer --- 24/10/2023 15:33:55 INFO: Starting Wazuh indexer installation. 24/10/2023 15:36:15 INFO: Wazuh indexer installation finished. 24/10/2023 15:36:15 INFO: Wazuh indexer post-install configuration finished. 24/10/2023 15:36:15 INFO: Starting service wazuh-indexer. 24/10/2023 15:36:25 INFO: wazuh-indexer service started. 24/10/2023 15:36:25 INFO: Initializing Wazuh indexer cluster security settings. 24/10/2023 15:36:36 INFO: Wazuh indexer cluster initialized. 24/10/2023 15:36:36 INFO: --- Wazuh server --- 24/10/2023 15:36:36 INFO: Starting the Wazuh manager installation. 24/10/2023 15:37:59 INFO: Wazuh manager installation finished. 24/10/2023 15:37:59 INFO: Starting service wazuh-manager. 24/10/2023 15:38:13 INFO: wazuh-manager service started. 24/10/2023 15:38:13 INFO: Starting Filebeat installation. 24/10/2023 15:38:31 INFO: Filebeat installation finished. 24/10/2023 15:38:32 INFO: Filebeat post-install configuration finished. 24/10/2023 15:38:32 INFO: Starting service filebeat. 24/10/2023 15:38:33 INFO: filebeat service started. 24/10/2023 15:38:33 INFO: --- Wazuh dashboard --- 24/10/2023 15:38:38 INFO: Starting Wazuh dashboard installation. 24/10/2023 15:40:17 INFO: Wazuh dashboard installation finished. 24/10/2023 15:40:17 INFO: Wazuh dashboard post-install configuration finished. 24/10/2023 15:40:17 INFO: Starting service wazuh-dashboard. 24/10/2023 15:40:17 INFO: wazuh-dashboard service started. 24/10/2023 15:40:37 INFO: Initializing Wazuh dashboard web application. 24/10/2023 15:40:37 INFO: Wazuh dashboard web application initialized. 24/10/2023 15:40:37 INFO: --- Summary --- 24/10/2023 15:40:37 INFO: You can access the web interface https://:443 User: admin Password: eE3IYxlNuWTpl1?zMpu.oiHr7E?QnPLR 24/10/2023 15:40:37 INFO: Installation finished. ```

UFW disable

```console [root@rocky8 unattended_installer]# ufw status Status: inactive [root@rocky8 unattended_installer]# bash wazuh-install.sh -a -i -o 24/10/2023 15:41:42 INFO: Starting Wazuh installation assistant. Wazuh version: 4.7.0 24/10/2023 15:41:42 INFO: Verbose logging redirected to /var/log/wazuh-install.log 24/10/2023 15:41:49 INFO: --- Removing existing Wazuh installation --- 24/10/2023 15:41:49 INFO: Removing Wazuh manager. 24/10/2023 15:42:18 INFO: Wazuh manager removed. 24/10/2023 15:42:18 INFO: Removing Wazuh indexer. 24/10/2023 15:42:20 INFO: Wazuh indexer removed. 24/10/2023 15:42:20 INFO: Removing Filebeat. 24/10/2023 15:42:21 INFO: Filebeat removed. 24/10/2023 15:42:21 INFO: Removing Wazuh dashboard. 24/10/2023 15:42:30 INFO: Wazuh dashboard removed. 24/10/2023 15:42:31 INFO: Installation cleaned. 24/10/2023 15:42:35 WARNING: Hardware and system checks ignored. 24/10/2023 15:42:35 INFO: Wazuh web interface port will be 443. 24/10/2023 15:42:39 INFO: Wazuh development repository added. 24/10/2023 15:42:39 INFO: --- Configuration files --- 24/10/2023 15:42:39 INFO: Generating configuration files. 24/10/2023 15:42:40 INFO: Created wazuh-install-files.tar. It contains the Wazuh cluster key, certificates, and passwords necessary for installation. 24/10/2023 15:42:40 INFO: --- Wazuh indexer --- 24/10/2023 15:42:40 INFO: Starting Wazuh indexer installation. 24/10/2023 15:46:36 INFO: Wazuh indexer installation finished. 24/10/2023 15:46:36 INFO: Wazuh indexer post-install configuration finished. 24/10/2023 15:46:36 INFO: Starting service wazuh-indexer. 24/10/2023 15:46:46 INFO: wazuh-indexer service started. 24/10/2023 15:46:46 INFO: Initializing Wazuh indexer cluster security settings. 24/10/2023 15:46:57 INFO: Wazuh indexer cluster initialized. 24/10/2023 15:46:57 INFO: --- Wazuh server --- 24/10/2023 15:46:57 INFO: Starting the Wazuh manager installation. 24/10/2023 15:48:46 INFO: Wazuh manager installation finished. 24/10/2023 15:48:46 INFO: Starting service wazuh-manager. 24/10/2023 15:48:58 INFO: wazuh-manager service started. 24/10/2023 15:48:58 INFO: Starting Filebeat installation. 24/10/2023 15:49:16 INFO: Filebeat installation finished. 24/10/2023 15:49:18 INFO: Filebeat post-install configuration finished. 24/10/2023 15:49:18 INFO: Starting service filebeat. 24/10/2023 15:49:19 INFO: filebeat service started. 24/10/2023 15:49:19 INFO: --- Wazuh dashboard --- 24/10/2023 15:49:24 INFO: Starting Wazuh dashboard installation. 24/10/2023 15:51:45 INFO: Wazuh dashboard installation finished. 24/10/2023 15:51:45 INFO: Wazuh dashboard post-install configuration finished. 24/10/2023 15:51:45 INFO: Starting service wazuh-dashboard. 24/10/2023 15:51:45 INFO: wazuh-dashboard service started. 24/10/2023 15:52:06 INFO: Initializing Wazuh dashboard web application. 24/10/2023 15:52:07 INFO: Wazuh dashboard web application initialized. 24/10/2023 15:52:07 INFO: --- Summary --- 24/10/2023 15:52:07 INFO: You can access the web interface https://:443 User: admin Password: H8t4n*8zPGxgM.lElNoKqf5+Wcs.GY+w 24/10/2023 15:52:07 INFO: Installation finished. ```

UFW uninstalled

```console [root@rocky8 unattended_installer]# yum list installed | grep ufw [root@rocky8 unattended_installer]# bash wazuh-install.sh -a -i -o 24/10/2023 15:52:56 INFO: Starting Wazuh installation assistant. Wazuh version: 4.7.0 24/10/2023 15:52:56 INFO: Verbose logging redirected to /var/log/wazuh-install.log 24/10/2023 15:53:03 INFO: --- Removing existing Wazuh installation --- 24/10/2023 15:53:03 INFO: Removing Wazuh manager. 24/10/2023 15:53:28 INFO: Wazuh manager removed. 24/10/2023 15:53:28 INFO: Removing Wazuh indexer. 24/10/2023 15:53:30 INFO: Wazuh indexer removed. 24/10/2023 15:53:30 INFO: Removing Filebeat. 24/10/2023 15:53:31 INFO: Filebeat removed. 24/10/2023 15:53:31 INFO: Removing Wazuh dashboard. 24/10/2023 15:53:40 INFO: Wazuh dashboard removed. 24/10/2023 15:53:40 INFO: Installation cleaned. 24/10/2023 15:53:45 WARNING: Hardware and system checks ignored. 24/10/2023 15:53:45 INFO: Wazuh web interface port will be 443. 24/10/2023 15:53:48 INFO: Wazuh development repository added. 24/10/2023 15:53:48 INFO: --- Configuration files --- 24/10/2023 15:53:48 INFO: Generating configuration files. 24/10/2023 15:53:49 INFO: Created wazuh-install-files.tar. It contains the Wazuh cluster key, certificates, and passwords necessary for installation. 24/10/2023 15:53:49 INFO: --- Wazuh indexer --- 24/10/2023 15:53:49 INFO: Starting Wazuh indexer installation. 24/10/2023 15:58:21 INFO: Wazuh indexer installation finished. 24/10/2023 15:58:21 INFO: Wazuh indexer post-install configuration finished. 24/10/2023 15:58:21 INFO: Starting service wazuh-indexer. 24/10/2023 15:58:31 INFO: wazuh-indexer service started. 24/10/2023 15:58:31 INFO: Initializing Wazuh indexer cluster security settings. 24/10/2023 15:58:42 INFO: Wazuh indexer cluster initialized. 24/10/2023 15:58:42 INFO: --- Wazuh server --- 24/10/2023 15:58:42 INFO: Starting the Wazuh manager installation. 24/10/2023 16:00:33 INFO: Wazuh manager installation finished. 24/10/2023 16:00:33 INFO: Starting service wazuh-manager. 24/10/2023 16:00:45 INFO: wazuh-manager service started. 24/10/2023 16:00:45 INFO: Starting Filebeat installation. 24/10/2023 16:01:08 INFO: Filebeat installation finished. 24/10/2023 16:01:10 INFO: Filebeat post-install configuration finished. 24/10/2023 16:01:10 INFO: Starting service filebeat. 24/10/2023 16:01:10 INFO: filebeat service started. 24/10/2023 16:01:10 INFO: --- Wazuh dashboard --- 24/10/2023 16:01:15 INFO: Starting Wazuh dashboard installation. 24/10/2023 16:03:51 INFO: Wazuh dashboard installation finished. 24/10/2023 16:03:51 INFO: Wazuh dashboard post-install configuration finished. 24/10/2023 16:03:51 INFO: Starting service wazuh-dashboard. 24/10/2023 16:03:51 INFO: wazuh-dashboard service started. 24/10/2023 16:04:11 INFO: Initializing Wazuh dashboard web application. 24/10/2023 16:04:12 INFO: Wazuh dashboard web application initialized. 24/10/2023 16:04:12 INFO: --- Summary --- 24/10/2023 16:04:12 INFO: You can access the web interface https://:443 User: admin Password: nnTn3yDw?yoB1yzNX4aXG+XyVGcsOX+* 24/10/2023 16:04:12 INFO: Installation finished. ```

Firewalld enable

```console [root@rocky8 unattended_installer]# bash wazuh-install.sh -a -i 24/10/2023 15:01:23 INFO: Starting Wazuh installation assistant. Wazuh version: 4.7.0 24/10/2023 15:01:23 INFO: Verbose logging redirected to /var/log/wazuh-install.log 24/10/2023 15:01:32 WARNING: Hardware and system checks ignored. 24/10/2023 15:01:32 INFO: Wazuh web interface port will be 443. 24/10/2023 15:01:34 WARNING: The system has Firewalld installed. Please ensure that traffic is allowed on these ports: 1515 1514 443. 24/10/2023 15:01:35 INFO: Wazuh development repository added. 24/10/2023 15:01:35 INFO: --- Configuration files --- 24/10/2023 15:01:35 INFO: Generating configuration files. 24/10/2023 15:01:37 INFO: Created wazuh-install-files.tar. It contains the Wazuh cluster key, certificates, and passwords necessary for installation. 24/10/2023 15:01:37 INFO: --- Wazuh indexer --- 24/10/2023 15:01:37 INFO: Starting Wazuh indexer installation. 24/10/2023 15:04:17 INFO: Wazuh indexer installation finished. 24/10/2023 15:04:17 INFO: Wazuh indexer post-install configuration finished. 24/10/2023 15:04:17 INFO: Starting service wazuh-indexer. 24/10/2023 15:04:28 INFO: wazuh-indexer service started. 24/10/2023 15:04:28 INFO: Initializing Wazuh indexer cluster security settings. 24/10/2023 15:04:39 INFO: Wazuh indexer cluster initialized. 24/10/2023 15:04:39 INFO: --- Wazuh server --- 24/10/2023 15:04:39 INFO: Starting the Wazuh manager installation. 24/10/2023 15:05:55 INFO: Wazuh manager installation finished. 24/10/2023 15:05:55 INFO: Starting service wazuh-manager. 24/10/2023 15:06:08 INFO: wazuh-manager service started. 24/10/2023 15:06:08 INFO: Starting Filebeat installation. 24/10/2023 15:06:17 INFO: Filebeat installation finished. 24/10/2023 15:06:19 INFO: Filebeat post-install configuration finished. 24/10/2023 15:06:19 INFO: Starting service filebeat. 24/10/2023 15:06:19 INFO: filebeat service started. 24/10/2023 15:06:19 INFO: --- Wazuh dashboard --- 24/10/2023 15:06:24 INFO: --- Dependencies --- 24/10/2023 15:06:24 INFO: Installing chromium. 24/10/2023 15:07:16 INFO: Installing nss. 24/10/2023 15:07:19 INFO: Installing xorg-x11-fonts-100dpi. 24/10/2023 15:07:23 INFO: Installing xorg-x11-fonts-75dpi. 24/10/2023 15:07:27 INFO: Installing xorg-x11-utils. 24/10/2023 15:07:30 INFO: Installing xorg-x11-fonts-cyrillic. 24/10/2023 15:07:32 INFO: Installing xorg-x11-fonts-Type1. 24/10/2023 15:07:34 INFO: Installing xorg-x11-fonts-misc. 24/10/2023 15:07:40 INFO: Installing fontconfig. 24/10/2023 15:07:41 INFO: Starting Wazuh dashboard installation. 24/10/2023 15:09:09 INFO: Wazuh dashboard installation finished. 24/10/2023 15:09:09 INFO: Wazuh dashboard post-install configuration finished. 24/10/2023 15:09:09 INFO: Starting service wazuh-dashboard. 24/10/2023 15:09:10 INFO: wazuh-dashboard service started. 24/10/2023 15:09:29 INFO: Initializing Wazuh dashboard web application. 24/10/2023 15:09:29 INFO: Wazuh dashboard web application initialized. 24/10/2023 15:09:29 INFO: --- Summary --- 24/10/2023 15:09:29 INFO: You can access the web interface https://:443 User: admin Password: mO4sYf+Z3y+DZ24kgqKkmL74uYrc9kJj 24/10/2023 15:09:29 INFO: Installation finished. ```

Firewalld disable

```console [root@rocky8 unattended_installer]# firewall-cmd --state not running [root@rocky8 unattended_installer]# bash wazuh-install.sh -a -i -o 24/10/2023 15:15:15 INFO: Starting Wazuh installation assistant. Wazuh version: 4.7.0 24/10/2023 15:15:15 INFO: Verbose logging redirected to /var/log/wazuh-install.log 24/10/2023 15:15:22 INFO: --- Removing existing Wazuh installation --- 24/10/2023 15:15:22 INFO: Removing Wazuh manager. 24/10/2023 15:15:50 INFO: Wazuh manager removed. 24/10/2023 15:15:50 INFO: Removing Wazuh indexer. 24/10/2023 15:15:52 INFO: Wazuh indexer removed. 24/10/2023 15:15:52 INFO: Removing Filebeat. 24/10/2023 15:15:53 INFO: Filebeat removed. 24/10/2023 15:15:53 INFO: Removing Wazuh dashboard. 24/10/2023 15:16:03 INFO: Wazuh dashboard removed. 24/10/2023 15:16:03 INFO: Installation cleaned. 24/10/2023 15:16:07 WARNING: Hardware and system checks ignored. 24/10/2023 15:16:07 INFO: Wazuh web interface port will be 443. 24/10/2023 15:16:11 INFO: Wazuh development repository added. 24/10/2023 15:16:11 INFO: --- Configuration files --- 24/10/2023 15:16:11 INFO: Generating configuration files. 24/10/2023 15:16:11 INFO: Created wazuh-install-files.tar. It contains the Wazuh cluster key, certificates, and passwords necessary for installation. 24/10/2023 15:16:12 INFO: --- Wazuh indexer --- 24/10/2023 15:16:12 INFO: Starting Wazuh indexer installation. 24/10/2023 15:18:24 INFO: Wazuh indexer installation finished. 24/10/2023 15:18:24 INFO: Wazuh indexer post-install configuration finished. 24/10/2023 15:18:24 INFO: Starting service wazuh-indexer. 24/10/2023 15:18:34 INFO: wazuh-indexer service started. 24/10/2023 15:18:34 INFO: Initializing Wazuh indexer cluster security settings. 24/10/2023 15:18:44 INFO: Wazuh indexer cluster initialized. 24/10/2023 15:18:44 INFO: --- Wazuh server --- 24/10/2023 15:18:44 INFO: Starting the Wazuh manager installation. 24/10/2023 15:19:58 INFO: Wazuh manager installation finished. 24/10/2023 15:19:58 INFO: Starting service wazuh-manager. 24/10/2023 15:20:12 INFO: wazuh-manager service started. 24/10/2023 15:20:12 INFO: Starting Filebeat installation. 24/10/2023 15:20:20 INFO: Filebeat installation finished. 24/10/2023 15:20:22 INFO: Filebeat post-install configuration finished. 24/10/2023 15:20:22 INFO: Starting service filebeat. 24/10/2023 15:20:22 INFO: filebeat service started. 24/10/2023 15:20:22 INFO: --- Wazuh dashboard --- 24/10/2023 15:20:27 INFO: Starting Wazuh dashboard installation. 24/10/2023 15:21:59 INFO: Wazuh dashboard installation finished. 24/10/2023 15:21:59 INFO: Wazuh dashboard post-install configuration finished. 24/10/2023 15:21:59 INFO: Starting service wazuh-dashboard. 24/10/2023 15:21:59 INFO: wazuh-dashboard service started. 24/10/2023 15:22:19 INFO: Initializing Wazuh dashboard web application. 24/10/2023 15:22:20 INFO: Wazuh dashboard web application initialized. 24/10/2023 15:22:20 INFO: --- Summary --- 24/10/2023 15:22:20 INFO: You can access the web interface https://:443 User: admin Password: w3?+icpRX*.30Ym6WD4tYn6mvBsx*1rn 24/10/2023 15:22:20 INFO: Installation finished. ```

Firewalld uninstalled

```console [root@rocky8 unattended_installer]# yum list installed | grep firewalld [root@rocky8 unattended_installer]# bash wazuh-install.sh -a -i -o 24/10/2023 15:24:17 INFO: Starting Wazuh installation assistant. Wazuh version: 4.7.0 24/10/2023 15:24:17 INFO: Verbose logging redirected to /var/log/wazuh-install.log 24/10/2023 15:24:24 INFO: --- Removing existing Wazuh installation --- 24/10/2023 15:24:24 INFO: Removing Wazuh manager. 24/10/2023 15:24:51 INFO: Wazuh manager removed. 24/10/2023 15:24:51 INFO: Removing Wazuh indexer. 24/10/2023 15:24:53 INFO: Wazuh indexer removed. 24/10/2023 15:24:53 INFO: Removing Filebeat. 24/10/2023 15:24:54 INFO: Filebeat removed. 24/10/2023 15:24:54 INFO: Removing Wazuh dashboard. 24/10/2023 15:25:04 INFO: Wazuh dashboard removed. 24/10/2023 15:25:05 INFO: Installation cleaned. 24/10/2023 15:25:09 WARNING: Hardware and system checks ignored. 24/10/2023 15:25:09 INFO: Wazuh web interface port will be 443. 24/10/2023 15:25:12 INFO: Wazuh development repository added. 24/10/2023 15:25:12 INFO: --- Configuration files --- 24/10/2023 15:25:12 INFO: Generating configuration files. 24/10/2023 15:25:13 INFO: Created wazuh-install-files.tar. It contains the Wazuh cluster key, certificates, and passwords necessary for installation. 24/10/2023 15:25:13 INFO: --- Wazuh indexer --- 24/10/2023 15:25:13 INFO: Starting Wazuh indexer installation. 24/10/2023 15:27:42 INFO: Wazuh indexer installation finished. 24/10/2023 15:27:42 INFO: Wazuh indexer post-install configuration finished. 24/10/2023 15:27:42 INFO: Starting service wazuh-indexer. 24/10/2023 15:27:53 INFO: wazuh-indexer service started. 24/10/2023 15:27:53 INFO: Initializing Wazuh indexer cluster security settings. 24/10/2023 15:28:04 INFO: Wazuh indexer cluster initialized. 24/10/2023 15:28:04 INFO: --- Wazuh server --- 24/10/2023 15:28:04 INFO: Starting the Wazuh manager installation. 24/10/2023 15:29:21 INFO: Wazuh manager installation finished. 24/10/2023 15:29:21 INFO: Starting service wazuh-manager. 24/10/2023 15:29:36 INFO: wazuh-manager service started. 24/10/2023 15:29:36 INFO: Starting Filebeat installation. 24/10/2023 15:29:45 INFO: Filebeat installation finished. 24/10/2023 15:29:46 INFO: Filebeat post-install configuration finished. 24/10/2023 15:29:46 INFO: Starting service filebeat. 24/10/2023 15:29:46 INFO: filebeat service started. 24/10/2023 15:29:46 INFO: --- Wazuh dashboard --- 24/10/2023 15:29:52 INFO: Starting Wazuh dashboard installation. 24/10/2023 15:31:30 INFO: Wazuh dashboard installation finished. 24/10/2023 15:31:30 INFO: Wazuh dashboard post-install configuration finished. 24/10/2023 15:31:30 INFO: Starting service wazuh-dashboard. 24/10/2023 15:31:30 INFO: wazuh-dashboard service started. 24/10/2023 15:31:50 INFO: Initializing Wazuh dashboard web application. 24/10/2023 15:31:51 INFO: Wazuh dashboard web application initialized. 24/10/2023 15:31:51 INFO: --- Summary --- 24/10/2023 15:31:51 INFO: You can access the web interface https://:443 User: admin Password: e4ztq6M*PDLWtkowDbCiK2CW+p5aIhfH 24/10/2023 15:31:51 INFO: Installation finished. ```

Firewalld and UFW enabled

```console [root@rocky8 unattended_installer]# ufw status Status: active To Action From -- ------ ---- SSH ALLOW Anywhere 224.0.0.251 mDNS ALLOW Anywhere SSH (v6) ALLOW Anywhere (v6) ff02::fb mDNS ALLOW Anywhere (v6) [root@rocky8 unattended_installer]# firewall-cmd --state running [root@rocky8 unattended_installer]# bash builder.sh -i -d [root@rocky8 unattended_installer]# bash wazuh-install.sh -a -i 24/10/2023 17:19:23 INFO: Starting Wazuh installation assistant. Wazuh version: 4.7.0 24/10/2023 17:19:23 INFO: Verbose logging redirected to /var/log/wazuh-install.log 24/10/2023 17:19:33 WARNING: Hardware and system checks ignored. 24/10/2023 17:19:33 INFO: Wazuh web interface port will be 443. 24/10/2023 17:19:34 WARNING: The system has Firewalld installed. Please ensure that traffic is allowed on these ports: 1515 1514 443. 24/10/2023 17:19:34 WARNING: The system has UFW installed. Please ensure that traffic is allowed on these ports: 1515 1514 443. 24/10/2023 17:19:37 INFO: Wazuh development repository added. 24/10/2023 17:19:37 INFO: --- Configuration files --- 24/10/2023 17:19:37 INFO: Generating configuration files. 24/10/2023 17:19:37 INFO: Created wazuh-install-files.tar. It contains the Wazuh cluster key, certificates, and passwords necessary for installation. 24/10/2023 17:19:38 INFO: --- Wazuh indexer --- 24/10/2023 17:19:38 INFO: Starting Wazuh indexer installation. 24/10/2023 17:22:07 INFO: Wazuh indexer installation finished. 24/10/2023 17:22:07 INFO: Wazuh indexer post-install configuration finished. 24/10/2023 17:22:07 INFO: Starting service wazuh-indexer. 24/10/2023 17:22:17 INFO: wazuh-indexer service started. 24/10/2023 17:22:17 INFO: Initializing Wazuh indexer cluster security settings. 24/10/2023 17:22:29 INFO: Wazuh indexer cluster initialized. 24/10/2023 17:22:29 INFO: --- Wazuh server --- 24/10/2023 17:22:29 INFO: Starting the Wazuh manager installation. 24/10/2023 17:23:51 INFO: Wazuh manager installation finished. 24/10/2023 17:23:51 INFO: Starting service wazuh-manager. 24/10/2023 17:24:03 INFO: wazuh-manager service started. 24/10/2023 17:24:03 INFO: Starting Filebeat installation. 24/10/2023 17:24:11 INFO: Filebeat installation finished. 24/10/2023 17:24:12 INFO: Filebeat post-install configuration finished. 24/10/2023 17:24:12 INFO: Starting service filebeat. 24/10/2023 17:24:13 INFO: filebeat service started. 24/10/2023 17:24:13 INFO: --- Wazuh dashboard --- 24/10/2023 17:24:18 INFO: --- Dependencies --- 24/10/2023 17:24:18 INFO: Installing chromium. 24/10/2023 17:25:26 INFO: Installing nss. 24/10/2023 17:25:29 INFO: Installing xorg-x11-fonts-100dpi. 24/10/2023 17:25:32 INFO: Installing xorg-x11-fonts-75dpi. 24/10/2023 17:25:36 INFO: Installing xorg-x11-utils. 24/10/2023 17:25:38 INFO: Installing xorg-x11-fonts-cyrillic. 24/10/2023 17:25:41 INFO: Installing xorg-x11-fonts-Type1. 24/10/2023 17:25:44 INFO: Installing xorg-x11-fonts-misc. 24/10/2023 17:25:49 INFO: Installing fontconfig. 24/10/2023 17:25:49 INFO: Starting Wazuh dashboard installation. 24/10/2023 17:27:22 INFO: Wazuh dashboard installation finished. 24/10/2023 17:27:22 INFO: Wazuh dashboard post-install configuration finished. 24/10/2023 17:27:22 INFO: Starting service wazuh-dashboard. 24/10/2023 17:27:22 INFO: wazuh-dashboard service started. 24/10/2023 17:27:42 INFO: Initializing Wazuh dashboard web application. 24/10/2023 17:27:43 INFO: Wazuh dashboard web application initialized. 24/10/2023 17:27:43 INFO: --- Summary --- 24/10/2023 17:27:43 INFO: You can access the web interface https://:443 User: admin Password: 5vAhy32.*T2Mi8I1Lx0tztcjxT7wk9pN 24/10/2023 17:27:43 INFO: Installation finished. ```