search

wazuh / wazuh-packages

Wazuh - Tools for packages creation
https://wazuh.com
GNU General Public License v2.0
105 stars 97 forks source link

Support Ubuntu 24.04 in wazuh-install.sh #2931

Closed mjcr99 closed 6 months ago

mjcr99 commented 7 months ago
Wazuh version Install type Action performed Platform
4.7.4 All in one Install Ubuntu 24.04

Hi team,

The Ubuntu 24.04 version has been released, but the all-in-one script does not currently support this version in one installation script, make it mandatory to use the -i option to run the script. This new version should be added and supported.

This behavior was observed in this issue: https://github.com/wazuh/wazuh/issues/23133

davidcr01 commented 6 months ago

Update Report

Development

I changed the check_dist function and I modified the conditional that checks the distribution version of the Ubuntu system.

Testing

With the change, the Installation assistant installs Wazuh correctly after recognizing the system, without the -i option.

root@ip-172-31-39-91:/home/ubuntu# cat /etc/os-release 
PRETTY_NAME="Ubuntu 24.04 LTS"
NAME="Ubuntu"
VERSION_ID="24.04"
VERSION="24.04 LTS (Noble Numbat)"
VERSION_CODENAME=noble
ID=ubuntu
ID_LIKE=debian
HOME_URL="https://www.ubuntu.com/"
SUPPORT_URL="https://help.ubuntu.com/"
BUG_REPORT_URL="https://bugs.launchpad.net/ubuntu/"
PRIVACY_POLICY_URL="https://www.ubuntu.com/legal/terms-and-policies/privacy-policy"
UBUNTU_CODENAME=noble
LOGO=ubuntu-logo
root@ip-172-31-39-91:/home/ubuntu#

The distribution is fetched correctly: 09/05/2024 08:48:30 DEBUG: Detected distribution version: 24

Complete log ```console root@ip-172-31-39-91:/home/ubuntu# bash wazuh-install.sh -a -v 09/05/2024 08:48:30 DEBUG: Checking root permissions. 09/05/2024 08:48:30 DEBUG: Checking sudo package. 09/05/2024 08:48:30 INFO: Starting Wazuh installation assistant. Wazuh version: 4.8.0 09/05/2024 08:48:30 INFO: Verbose logging redirected to /var/log/wazuh-install.log 09/05/2024 08:48:30 DEBUG: APT package manager will be used. 09/05/2024 08:48:30 DEBUG: Checking system distribution. 09/05/2024 08:48:30 DEBUG: Detected distribution name: ubuntu 09/05/2024 08:48:30 DEBUG: Detected distribution version: 24 09/05/2024 08:48:30 DEBUG: Installing check dependencies. Get:1 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble InRelease [256 kB] Get:2 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble-updates InRelease [89.7 kB] Get:3 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble-backports InRelease [89.7 kB] Get:4 http://security.ubuntu.com/ubuntu noble-security InRelease [89.7 kB] Get:5 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 Packages [1401 kB] Get:6 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main Translation-en [513 kB] Get:7 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/universe amd64 Packages [15.0 MB] Get:8 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/universe Translation-en [5982 kB] Get:9 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/universe amd64 Components [3871 kB] Get:10 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/universe amd64 c-n-f Metadata [301 kB] Get:11 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/restricted amd64 Packages [93.9 kB] Get:12 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/restricted Translation-en [18.7 kB] Get:13 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/multiverse amd64 Packages [269 kB] Get:14 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/multiverse Translation-en [118 kB] Get:15 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/multiverse amd64 Components [35.0 kB] Get:16 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/multiverse amd64 c-n-f Metadata [8328 B] Get:17 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble-updates/main amd64 Packages [27.1 kB] Get:18 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble-updates/main Translation-en [8740 B] Get:19 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble-updates/universe amd64 Packages [16.9 kB] Get:20 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble-updates/universe Translation-en [5824 B] Get:21 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble-updates/universe amd64 c-n-f Metadata [112 B] Get:22 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble-updates/multiverse amd64 c-n-f Metadata [116 B] Get:23 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble-backports/main amd64 c-n-f Metadata [112 B] Get:24 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble-backports/universe amd64 Packages [3936 B] Get:25 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble-backports/universe Translation-en [1392 B] Get:26 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble-backports/universe amd64 c-n-f Metadata [116 B] Get:27 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble-backports/restricted amd64 c-n-f Metadata [116 B] Get:28 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble-backports/multiverse amd64 c-n-f Metadata [116 B] Get:29 http://security.ubuntu.com/ubuntu noble-security/main amd64 Packages [22.5 kB] Get:30 http://security.ubuntu.com/ubuntu noble-security/main Translation-en [6880 B] Get:31 http://security.ubuntu.com/ubuntu noble-security/universe amd64 Packages [9256 B] Get:32 http://security.ubuntu.com/ubuntu noble-security/universe Translation-en [4060 B] Get:33 http://security.ubuntu.com/ubuntu noble-security/universe amd64 c-n-f Metadata [112 B] Get:34 http://security.ubuntu.com/ubuntu noble-security/multiverse amd64 c-n-f Metadata [116 B] Fetched 28.3 MB in 5s (5151 kB/s) Reading package lists... 09/05/2024 08:48:49 DEBUG: Checking Wazuh installation. 09/05/2024 08:48:50 DEBUG: Checking system architecture. 09/05/2024 08:48:50 INFO: Verifying that your system meets the recommended minimum hardware requirements. 09/05/2024 08:48:50 DEBUG: CPU cores detected: 2 09/05/2024 08:48:50 DEBUG: Free RAM memory detected: 3848 09/05/2024 08:48:50 DEBUG: Installing check dependencies. Hit:1 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble InRelease Hit:2 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble-updates InRelease Hit:3 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble-backports InRelease Hit:4 http://security.ubuntu.com/ubuntu noble-security InRelease Reading package lists... 09/05/2024 08:48:57 INFO: Wazuh web interface port will be 443. 09/05/2024 08:48:57 DEBUG: Checking ports availability. Hit:1 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble InRelease Hit:2 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble-updates InRelease Hit:3 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble-backports InRelease Hit:4 http://security.ubuntu.com/ubuntu noble-security InRelease Reading package lists... 09/05/2024 08:49:01 DEBUG: Installing prerequisites dependencies. 09/05/2024 08:49:06 INFO: --- Dependencies ---- 09/05/2024 08:49:06 INFO: Installing apt-transport-https. Reading package lists... Building dependency tree... Reading state information... The following NEW packages will be installed: apt-transport-https 0 upgraded, 1 newly installed, 0 to remove and 21 not upgraded. Need to get 3974 B of archives. After this operation, 35.8 kB of additional disk space will be used. Get:1 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/universe amd64 apt-transport-https all 2.7.14build2 [3974 B] Fetched 3974 B in 0s (185 kB/s) Sel Running kernel seems to be up-to-date. No services need to be restarted. No containers need to be restarted. No user sessions are running outdated binaries. No VM guests are running outdated hypervisor (qemu) binaries on this host. 09/05/2024 08:49:12 INFO: Installing debhelper. Reading package lists... Building dependency tree... Reading state information... The following additional packages will be installed: autoconf automake autopoint autotools-dev binutils binutils-common binutils-x86-64-linux-gnu build-essential bzip2 cpp cpp-13 cpp-13-x86-64-linux-gnu cpp-x86-64-linux-gnu debugedit dh-autoreconf dh-strip-nondeterminism dpkg-dev dwz fakeroot g++ g++-13 g++-13-x86-64-linux-gnu g++-x86-64-linux-gnu gcc gcc-13 gcc-13-base gcc-13-x86-64-linux-gnu gcc-x86-64-linux-gnu gettext intltool-debian libalgorithm-diff-perl libalgorithm-diff-xs-perl libalgorithm-merge-perl libarchive-cpio-perl libarchive-zip-perl libasan8 libatomic1 libbinutils libcc1-0 libctf-nobfd0 libctf0 libdebhelper-perl libdpkg-perl libfakeroot libfile-fcntllock-perl libfile-stripnondeterminism-perl libgcc-13-dev libgomp1 libgprofng0 libhwasan0 libisl23 libitm1 liblsan0 libltdl-dev libltdl7 libmail-sendmail-perl libmpc3 libquadmath0 libsframe1 libstdc++-13-dev libsub-override-perl libsys-hostname-long-perl libtool libtsan2 libubsan1 lto-disabled-list m4 make po-debconf Suggested packages: autoconf-archive gnu-standards autoconf-doc binutils-doc gprofng-gui bzip2-doc cpp-doc gcc-13-locales cpp-13-doc dh-make debian-keyring g++-multilib g++-13-multilib gcc-13-doc gcc-multilib flex bison gdb gcc-doc gcc-13-multilib gdb-x86-64-linux-gnu gettext-doc libasprintf-dev libgettextpo-dev bzr libtool-doc libstdc++-13-doc gfortran | fortran95-compiler gcj-jdk m4-doc make-doc libmail-box-perl The following NEW packages will be installed: autoconf automake autopoint autotools-dev binutils binutils-common binutils-x86-64-linux-gnu build-essential bzip2 cpp cpp-13 cpp-13-x86-64-linux-gnu cpp-x86-64-linux-gnu debhelper debugedit dh-autoreconf dh-strip-nondeterminism dpkg-dev dwz fakeroot g++ g++-13 g++-13-x86-64-linux-gnu g++-x86-64-linux-gnu gcc gcc-13 gcc-13-base gcc-13-x86-64-linux-gnu gcc-x86-64-linux-gnu gettext intltool-debian libalgorithm-diff-perl libalgorithm-diff-xs-perl libalgorithm-merge-perl libarchive-cpio-perl libarchive-zip-perl libasan8 libatomic1 libbinutils libcc1-0 libctf-nobfd0 libctf0 libdebhelper-perl libdpkg-perl libfakeroot libfile-fcntllock-perl libfile-stripnondeterminism-perl libgcc-13-dev libgomp1 libgprofng0 libhwasan0 libisl23 libitm1 liblsan0 libltdl-dev libltdl7 libmail-sendmail-perl libmpc3 libquadmath0 libsframe1 libstdc++-13-dev libsub-override-perl libsys-hostname-long-perl libtool libtsan2 libubsan1 lto-disabled-list m4 make po-debconf 0 upgraded, 70 newly installed, 0 to remove and 21 not upgraded. Need to get 72.8 MB of archives. After this operation, 261 MB of additional disk space will be used. Get:1 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 m4 amd64 1.4.19-4build1 [244 kB] Get:2 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 autoconf all 2.71-3 [339 kB] Get:3 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 autotools-dev all 20220109.1 [44.9 kB] Get:4 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 automake all 1:1.16.5-1.3ubuntu1 [558 kB] Get:5 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 autopoint all 0.21-14ubuntu2 [422 kB] Get:6 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 binutils-common amd64 2.42-4ubuntu2 [239 kB] Get:7 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 libsframe1 amd64 2.42-4ubuntu2 [14.8 kB] Get:8 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 libbinutils amd64 2.42-4ubuntu2 [572 kB] Get:9 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 libctf-nobfd0 amd64 2.42-4ubuntu2 [97.1 kB] Get:10 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 libctf0 amd64 2.42-4ubuntu2 [94.5 kB] Get:11 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 libgprofng0 amd64 2.42-4ubuntu2 [851 kB] Get:12 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 binutils-x86-64-linux-gnu amd64 2.42-4ubuntu2 [2469 kB] Get:13 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 binutils amd64 2.42-4ubuntu2 [18.0 kB] Get:14 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 gcc-13-base amd64 13.2.0-23ubuntu4 [49.0 kB] Get:15 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 libisl23 amd64 0.26-3build1 [680 kB] Get:16 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 libmpc3 amd64 1.3.1-1build1 [54.5 kB] Get:17 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 cpp-13-x86-64-linux-gnu amd64 13.2.0-23ubuntu4 [11.2 MB] Get:18 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 cpp-13 amd64 13.2.0-23ubuntu4 [1032 B] Get:19 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 cpp-x86-64-linux-gnu amd64 4:13.2.0-7ubuntu1 [5326 B] Get:20 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 cpp amd64 4:13.2.0-7ubuntu1 [22.4 kB] Get:21 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 libcc1-0 amd64 14-20240412-0ubuntu1 [47.7 kB] Get:22 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 libgomp1 amd64 14-20240412-0ubuntu1 [147 kB] Get:23 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 libitm1 amd64 14-20240412-0ubuntu1 [28.9 kB] Get:24 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 libatomic1 amd64 14-20240412-0ubuntu1 [10.4 kB] Get:25 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 libasan8 amd64 14-20240412-0ubuntu1 [3024 kB] Get:26 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 liblsan0 amd64 14-20240412-0ubuntu1 [1313 kB] Get:27 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 libtsan2 amd64 14-20240412-0ubuntu1 [2736 kB] Get:28 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 libubsan1 amd64 14-20240412-0ubuntu1 [1175 kB] Get:29 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 libhwasan0 amd64 14-20240412-0ubuntu1 [1632 kB] Get:30 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 libquadmath0 amd64 14-20240412-0ubuntu1 [153 kB] Get:31 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 libgcc-13-dev amd64 13.2.0-23ubuntu4 [2688 kB] Get:32 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 gcc-13-x86-64-linux-gnu amd64 13.2.0-23ubuntu4 [21.9 MB] Get:33 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 gcc-13 amd64 13.2.0-23ubuntu4 [482 kB] Get:34 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 gcc-x86-64-linux-gnu amd64 4:13.2.0-7ubuntu1 [1212 B] Get:35 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 gcc amd64 4:13.2.0-7ubuntu1 [5018 B] Get:36 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 libstdc++-13-dev amd64 13.2.0-23ubuntu4 [2399 kB] Get:37 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 g++-13-x86-64-linux-gnu amd64 13.2.0-23ubuntu4 [12.5 MB] Get:38 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 g++-13 amd64 13.2.0-23ubuntu4 [14.5 kB] Get:39 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 g++-x86-64-linux-gnu amd64 4:13.2.0-7ubuntu1 [964 B] Get:40 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 g++ amd64 4:13.2.0-7ubuntu1 [1100 B] Get:41 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 make amd64 4.3-4.1build2 [180 kB] Get:42 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 libdpkg-perl all 1.22.6ubuntu6 [268 kB] Get:43 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 bzip2 amd64 1.0.8-5.1 [34.5 kB] Get:44 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 lto-disabled-list all 47 [12.4 kB] Get:45 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 dpkg-dev all 1.22.6ubuntu6 [1074 kB] Get:46 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 build-essential amd64 12.10ubuntu1 [4928 B] Get:47 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 libdebhelper-perl all 13.14.1ubuntu5 [89.8 kB] Get:48 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 libtool all 2.4.7-7build1 [166 kB] Get:49 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 dh-autoreconf all 20 [16.1 kB] Get:50 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 libarchive-zip-perl all 1.68-1 [90.2 kB] Get:51 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 libsub-override-perl all 0.10-1 [10.0 kB] Get:52 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 libfile-stripnondeterminism-perl all 1.13.1-1 [18.1 kB] Get:53 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 dh-strip-nondeterminism all 1.13.1-1 [5362 B] Get:54 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 debugedit amd64 1:5.0-5build2 [46.1 kB] Get:55 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 dwz amd64 0.15-1build6 [115 kB] Get:56 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 gettext amd64 0.21-14ubuntu2 [864 kB] Get:57 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 intltool-debian all 0.35.0+20060710.6 [23.2 kB] Get:58 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 po-debconf all 1.0.21+nmu1 [233 kB] Get:59 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 debhelper all 13.14.1ubuntu5 [869 kB] Get:60 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 libfakeroot amd64 1.33-1 [32.4 kB] Get:61 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 fakeroot amd64 1.33-1 [67.2 kB] Get:62 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 libalgorithm-diff-perl all 1.201-1 [41.8 kB] Get:63 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 libalgorithm-diff-xs-perl amd64 0.04-8build3 [11.2 kB] Get:64 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 libalgorithm-merge-perl all 0.08-5 [11.4 kB] Get:65 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 libarchive-cpio-perl all 0.10-3 [10.3 kB] Get:66 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 libfile-fcntllock-perl amd64 0.22-4ubuntu5 [30.7 kB] Get:67 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 libltdl7 amd64 2.4.7-7build1 [40.3 kB] Get:68 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 libltdl-dev amd64 2.4.7-7build1 [168 kB] Get:69 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 libsys-hostname-long-perl all 1.5-3 [10.6 kB] Get:70 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble/main amd64 libmail-sendmail-perl all 0.80-3 [21.7 kB] Fetched 72.8 MB in 1s (52.3 MB/s Running kernel seems to be up-to-date. No services need to be restarted. No containers need to be restarted. No user sessions are running outdated binaries. No VM guests are running outdated hypervisor (qemu) binaries on this host. 09/05/2024 08:49:37 DEBUG: Checking curl tool version. 09/05/2024 08:49:37 DEBUG: Adding the Wazuh repository. gpg: keyring '/usr/share/keyrings/wazuh.gpg' created gpg: directory '/root/.gnupg' created gpg: /root/.gnupg/trustdb.gpg: trustdb created gpg: key 96B3EE5F29111145: public key "Wazuh.com (Wazuh Signing Key) " imported gpg: Total number processed: 1 gpg: imported: 1 deb [signed-by=/usr/share/keyrings/wazuh.gpg] https://packages-dev.wazuh.com/pre-release/apt/ unstable main Hit:1 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble InRelease Hit:2 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble-updates InRelease Hit:3 http://us-east-1.ec2.archive.ubuntu.com/ubuntu noble-backports InRelease Hit:4 http://security.ubuntu.com/ubuntu noble-security InRelease Get:5 https://packages-dev.wazuh.com/pre-release/apt unstable InRelease [17.3 kB] Get:6 https://packages-dev.wazuh.com/pre-release/apt unstable/main amd64 Packages [37.8 kB] Fetched 55.1 kB in 1s (50.2 kB/s) Reading package lists... 09/05/2024 08:49:41 INFO: Wazuh development repository added. 09/05/2024 08:49:41 INFO: --- Configuration files --- 09/05/2024 08:49:41 INFO: Generating configuration files. 09/05/2024 08:49:41 DEBUG: Creating Wazuh certificates. 09/05/2024 08:49:41 DEBUG: Reading configuration file. 09/05/2024 08:49:41 DEBUG: Checking if 127.0.0.1 is private. 09/05/2024 08:49:41 DEBUG: Checking if 127.0.0.1 is private. 09/05/2024 08:49:41 DEBUG: Checking if 127.0.0.1 is private. 09/05/2024 08:49:42 INFO: Generating the root certificate. 09/05/2024 08:49:42 INFO: Generating Admin certificates. 09/05/2024 08:49:42 DEBUG: Generating Admin private key. 09/05/2024 08:49:42 DEBUG: Converting Admin private key to PKCS8 format. 09/05/2024 08:49:42 DEBUG: Generating Admin CSR. 09/05/2024 08:49:42 DEBUG: Creating Admin certificate. 09/05/2024 08:49:42 INFO: Generating Wazuh indexer certificates. 09/05/2024 08:49:42 DEBUG: Creating the certificates for wazuh-indexer indexer node. 09/05/2024 08:49:42 DEBUG: Generating certificate configuration. 09/05/2024 08:49:42 DEBUG: Creating the Wazuh indexer tmp key pair. 09/05/2024 08:49:43 DEBUG: Creating the Wazuh indexer certificates. 09/05/2024 08:49:43 INFO: Generating Filebeat certificates. 09/05/2024 08:49:43 DEBUG: Generating the certificates for wazuh-server server node. 09/05/2024 08:49:43 DEBUG: Generating certificate configuration. 09/05/2024 08:49:43 DEBUG: Creating the Wazuh server tmp key pair. 09/05/2024 08:49:43 DEBUG: Creating the Wazuh server certificates. 09/05/2024 08:49:43 INFO: Generating Wazuh dashboard certificates. 09/05/2024 08:49:43 DEBUG: Generating certificate configuration. 09/05/2024 08:49:43 DEBUG: Creating the Wazuh dashboard tmp key pair. 09/05/2024 08:49:44 DEBUG: Creating the Wazuh dashboard certificates. 09/05/2024 08:49:44 DEBUG: Cleaning certificate files. 09/05/2024 08:49:44 DEBUG: Generating password file. 09/05/2024 08:49:44 DEBUG: Generating random passwords. 09/05/2024 08:49:44 INFO: Created wazuh-install-files.tar. It contains the Wazuh cluster key, certificates, and passwords necessary for installation. 09/05/2024 08:49:44 DEBUG: Extracting Wazuh configuration. 09/05/2024 08:49:44 DEBUG: Reading configuration file. 09/05/2024 08:49:44 DEBUG: Checking if 127.0.0.1 is private. 09/05/2024 08:49:45 DEBUG: Checking if 127.0.0.1 is private. 09/05/2024 08:49:45 DEBUG: Checking if 127.0.0.1 is private. 09/05/2024 08:49:45 INFO: --- Wazuh indexer --- 09/05/2024 08:49:45 INFO: Starting Wazuh indexer installation. Reading package lists... Building dependency tree... Reading state information... The following NEW packages will be installed: wazuh-indexer 0 upgraded, 1 newly installed, 0 to remove and 21 not upgraded. Need to get 752 MB of archives. After this operation, 1050 MB of additional disk space will be used. Get:1 https://packages-dev.wazuh.com/pre-release/apt unstable/main amd64 wazuh-indexer amd64 4.8.0-1 [752 MB] Fetched 752 MB in 11s (70.3 MB/s) Selecting previou Running kernel seems to be up-to-date. No services need to be restarted. No containers need to be restarted. No user sessions are running outdated binaries. No VM guests are running outdated hypervisor (qemu) binaries on this host. 09/05/2024 08:51:22 DEBUG: Checking Wazuh installation. 09/05/2024 08:51:23 DEBUG: There are Wazuh indexer remaining files. 09/05/2024 08:51:24 INFO: Wazuh indexer installation finished. 09/05/2024 08:51:25 DEBUG: Configuring Wazuh indexer. 09/05/2024 08:51:25 DEBUG: Copying Wazuh indexer certificates. 09/05/2024 08:51:25 INFO: Wazuh indexer post-install configuration finished. 09/05/2024 08:51:25 INFO: Starting service wazuh-indexer. Created symlink /etc/systemd/system/multi-user.target.wants/wazuh-indexer.service → /usr/lib/systemd/system/wazuh-indexer.service. 09/05/2024 08:51:50 INFO: wazuh-indexer service started. 09/05/2024 08:51:50 INFO: Initializing Wazuh indexer cluster security settings. ************************************************************************** ** This tool will be deprecated in the next major release of OpenSearch ** ** https://github.com/opensearch-project/security/issues/1755 ** ************************************************************************** Security Admin v7 Will connect to 127.0.0.1:9200 ... done Connected as "CN=admin,OU=Wazuh,O=Wazuh,L=California,C=US" OpenSearch Version: 2.10.0 Contacting opensearch cluster 'opensearch' and wait for YELLOW clusterstate ... Clustername: wazuh-cluster Clusterstate: GREEN Number of nodes: 1 Number of data nodes: 1 .opendistro_security index does not exists, attempt to create it ... done (0-all replicas) Populate config from /etc/wazuh-indexer/opensearch-security/ Will update '/config' with /etc/wazuh-indexer/opensearch-security/config.yml SUCC: Configuration for 'config' created or updated Will update '/roles' with /etc/wazuh-indexer/opensearch-security/roles.yml SUCC: Configuration for 'roles' created or updated Will update '/rolesmapping' with /etc/wazuh-indexer/opensearch-security/roles_mapping.yml SUCC: Configuration for 'rolesmapping' created or updated Will update '/internalusers' with /etc/wazuh-indexer/opensearch-security/internal_users.yml SUCC: Configuration for 'internalusers' created or updated Will update '/actiongroups' with /etc/wazuh-indexer/opensearch-security/action_groups.yml SUCC: Configuration for 'actiongroups' created or updated Will update '/tenants' with /etc/wazuh-indexer/opensearch-security/tenants.yml SUCC: Configuration for 'tenants' created or updated Will update '/nodesdn' with /etc/wazuh-indexer/opensearch-security/nodes_dn.yml SUCC: Configuration for 'nodesdn' created or updated Will update '/whitelist' with /etc/wazuh-indexer/opensearch-security/whitelist.yml SUCC: Configuration for 'whitelist' created or updated Will update '/audit' with /etc/wazuh-indexer/opensearch-security/audit.yml SUCC: Configuration for 'audit' created or updated Will update '/allowlist' with /etc/wazuh-indexer/opensearch-security/allowlist.yml SUCC: Configuration for 'allowlist' created or updated SUCC: Expected 10 config types for node {"updated_config_types":["allowlist","tenants","rolesmapping","nodesdn","audit","roles","whitelist","internalusers","actiongroups","config"],"updated_config_size":10,"message":null} is 10 (["allowlist","tenants","rolesmapping","nodesdn","audit","roles","whitelist","internalusers","actiongroups","config"]) due to: null Done with success 09/05/2024 08:52:00 INFO: Wazuh indexer cluster security configuration initialized. 09/05/2024 08:52:00 INFO: Wazuh indexer cluster initialized. 09/05/2024 08:52:00 INFO: --- Wazuh server --- 09/05/2024 08:52:00 INFO: Starting the Wazuh manager installation. Reading package lists... Building dependency tree... Reading state information... Suggested packages: expect The following NEW packages will be installed: wazuh-manager 0 upgraded, 1 newly installed, 0 to remove and 21 not upgraded. Need to get 314 MB of archives. After this operation, 915 MB of additional disk space will be used. Get:1 https://packages-dev.wazuh.com/pre-release/apt unstable/main amd64 wazuh-manager amd64 4.8.0-1 [314 MB] Fetched 314 MB in 5s (66. Running kernel seems to be up-to-date. No services need to be restarted. No containers need to be restarted. No user sessions are running outdated binaries. No VM guests are running outdated hypervisor (qemu) binaries on this host. 09/05/2024 08:53:56 DEBUG: Checking Wazuh installation. 09/05/2024 08:53:57 DEBUG: There are Wazuh remaining files. 09/05/2024 08:53:57 DEBUG: There are Wazuh indexer remaining files. 09/05/2024 08:53:59 INFO: Wazuh manager installation finished. 09/05/2024 08:53:59 DEBUG: Configuring Wazuh manager. 09/05/2024 08:53:59 DEBUG: Setting provisional Wazuh indexer password. 09/05/2024 08:53:59 INFO: Wazuh manager vulnerability detection configuration finished. 09/05/2024 08:53:59 INFO: Starting service wazuh-manager. Created symlink /etc/systemd/system/multi-user.target.wants/wazuh-manager.service → /usr/lib/systemd/system/wazuh-manager.service. 09/05/2024 08:54:20 INFO: wazuh-manager service started. 09/05/2024 08:54:20 INFO: Starting Filebeat installation. Reading package lists... Building dependency tree... Reading state information... The following NEW packages will be installed: filebeat 0 upgraded, 1 newly installed, 0 to remove and 21 not upgraded. Need to get 22.1 MB of archives. After this operation, 73.6 MB of additional disk space will be used. Get:1 https://packages-dev.wazuh.com/pre-release/apt unstable/main amd64 filebeat amd64 7.10.2 [22.1 MB] Fetched 22.1 MB in 1s (16.7 MB/s) Selecting previously unsel Running kernel seems to be up-to-date. No services need to be restarted. No containers need to be restarted. No user sessions are running outdated binaries. No VM guests are running outdated hypervisor (qemu) binaries on this host. 09/05/2024 08:54:31 DEBUG: Checking Wazuh installation. 09/05/2024 08:54:32 DEBUG: There are Wazuh remaining files. 09/05/2024 08:54:33 DEBUG: There are Wazuh indexer remaining files. 09/05/2024 08:54:33 DEBUG: There are Filebeat remaining files. 09/05/2024 08:54:34 INFO: Filebeat installation finished. 09/05/2024 08:54:34 DEBUG: Configuring Filebeat. 09/05/2024 08:54:34 DEBUG: Filebeat template was download successfully. wazuh/ wazuh/_meta/ wazuh/_meta/docs.asciidoc wazuh/_meta/fields.yml wazuh/_meta/config.yml wazuh/alerts/ wazuh/alerts/config/ wazuh/alerts/config/alerts.yml wazuh/alerts/manifest.yml wazuh/alerts/ingest/ wazuh/alerts/ingest/pipeline.json wazuh/module.yml wazuh/archives/ wazuh/archives/config/ wazuh/archives/config/archives.yml wazuh/archives/manifest.yml wazuh/archives/ingest/ wazuh/archives/ingest/pipeline.json 09/05/2024 08:54:34 DEBUG: Filebeat module was downloaded successfully. 09/05/2024 08:54:35 DEBUG: Copying Filebeat certificates. Created filebeat keystore Successfully updated the keystore Successfully updated the keystore 09/05/2024 08:54:35 INFO: Filebeat post-install configuration finished. 09/05/2024 08:54:35 INFO: Starting service filebeat. Synchronizing state of filebeat.service with SysV service script with /usr/lib/systemd/systemd-sysv-install. Executing: /usr/lib/systemd/systemd-sysv-install enable filebeat Created symlink /etc/systemd/system/multi-user.target.wants/filebeat.service → /usr/lib/systemd/system/filebeat.service. 09/05/2024 08:54:38 INFO: filebeat service started. 09/05/2024 08:54:38 INFO: --- Wazuh dashboard --- 09/05/2024 08:54:38 INFO: Starting Wazuh dashboard installation. Reading package lists... Building dependency tree... Reading state information... The following NEW packages will be installed: wazuh-dashboard 0 upgraded, 1 newly installed, 0 to remove and 21 not upgraded. Need to get 186 MB of archives. After this operation, 987 MB of additional disk space will be used. Get:1 https://packages-dev.wazuh.com/pre-release/apt unstable/main amd64 wazuh-dashboard amd64 4.8.0-1 [186 MB] Fetched 186 MB in 5s (36.5 MB/s) Selecting previ Running kernel seems to be up-to-date. No services need to be restarted. No containers need to be restarted. No user sessions are running outdated binaries. No VM guests are running outdated hypervisor (qemu) binaries on this host. 09/05/2024 08:56:52 DEBUG: Checking Wazuh installation. 09/05/2024 08:56:52 DEBUG: There are Wazuh remaining files. 09/05/2024 08:56:53 DEBUG: There are Wazuh indexer remaining files. 09/05/2024 08:56:53 DEBUG: There are Filebeat remaining files. 09/05/2024 08:56:54 DEBUG: There are Wazuh dashboard remaining files. 09/05/2024 08:56:54 INFO: Wazuh dashboard installation finished. 09/05/2024 08:56:54 DEBUG: Configuring Wazuh dashboard. 09/05/2024 08:56:54 DEBUG: Copying Wazuh dashboard certificates. 09/05/2024 08:56:54 DEBUG: Wazuh dashboard certificate setup finished. 09/05/2024 08:56:54 INFO: Wazuh dashboard post-install configuration finished. 09/05/2024 08:56:54 INFO: Starting service wazuh-dashboard. Created symlink /etc/systemd/system/multi-user.target.wants/wazuh-dashboard.service → /etc/systemd/system/wazuh-dashboard.service. 09/05/2024 08:56:55 INFO: wazuh-dashboard service started. 09/05/2024 08:56:55 DEBUG: Setting Wazuh indexer cluster passwords. 09/05/2024 08:56:55 DEBUG: Checking Wazuh installation. 09/05/2024 08:56:56 DEBUG: There are Wazuh remaining files. 09/05/2024 08:56:56 DEBUG: There are Wazuh indexer remaining files. 09/05/2024 08:56:57 DEBUG: There are Filebeat remaining files. 09/05/2024 08:56:58 DEBUG: There are Wazuh dashboard remaining files. 09/05/2024 08:56:58 INFO: Updating the internal users. 09/05/2024 08:56:58 DEBUG: Creating password backup. ************************************************************************** ** This tool will be deprecated in the next major release of OpenSearch ** ** https://github.com/opensearch-project/security/issues/1755 ** ************************************************************************** Security Admin v7 Will connect to 127.0.0.1:9200 ... done Connected as "CN=admin,OU=Wazuh,O=Wazuh,L=California,C=US" OpenSearch Version: 2.10.0 Contacting opensearch cluster 'opensearch' and wait for YELLOW clusterstate ... Clustername: wazuh-cluster Clusterstate: GREEN Number of nodes: 1 Number of data nodes: 1 .opendistro_security index already exists, so we do not need to create one. Will retrieve '/config' into /etc/wazuh-indexer/backup/config.yml SUCC: Configuration for 'config' stored in /etc/wazuh-indexer/backup/config.yml Will retrieve '/roles' into /etc/wazuh-indexer/backup/roles.yml SUCC: Configuration for 'roles' stored in /etc/wazuh-indexer/backup/roles.yml Will retrieve '/rolesmapping' into /etc/wazuh-indexer/backup/roles_mapping.yml SUCC: Configuration for 'rolesmapping' stored in /etc/wazuh-indexer/backup/roles_mapping.yml Will retrieve '/internalusers' into /etc/wazuh-indexer/backup/internal_users.yml SUCC: Configuration for 'internalusers' stored in /etc/wazuh-indexer/backup/internal_users.yml Will retrieve '/actiongroups' into /etc/wazuh-indexer/backup/action_groups.yml SUCC: Configuration for 'actiongroups' stored in /etc/wazuh-indexer/backup/action_groups.yml Will retrieve '/tenants' into /etc/wazuh-indexer/backup/tenants.yml SUCC: Configuration for 'tenants' stored in /etc/wazuh-indexer/backup/tenants.yml Will retrieve '/nodesdn' into /etc/wazuh-indexer/backup/nodes_dn.yml SUCC: Configuration for 'nodesdn' stored in /etc/wazuh-indexer/backup/nodes_dn.yml Will retrieve '/whitelist' into /etc/wazuh-indexer/backup/whitelist.yml SUCC: Configuration for 'whitelist' stored in /etc/wazuh-indexer/backup/whitelist.yml Will retrieve '/allowlist' into /etc/wazuh-indexer/backup/allowlist.yml SUCC: Configuration for 'allowlist' stored in /etc/wazuh-indexer/backup/allowlist.yml Will retrieve '/audit' into /etc/wazuh-indexer/backup/audit.yml SUCC: Configuration for 'audit' stored in /etc/wazuh-indexer/backup/audit.yml 09/05/2024 08:57:09 DEBUG: Password backup created in /etc/wazuh-indexer/backup. 09/05/2024 08:57:09 INFO: A backup of the internal users has been saved in the /etc/wazuh-indexer/internalusers-backup folder. 09/05/2024 08:57:09 DEBUG: The internal users have been updated before changing the passwords. 09/05/2024 08:57:11 DEBUG: Generating password hashes. 09/05/2024 08:57:24 DEBUG: Password hashes generated. 09/05/2024 08:57:24 DEBUG: Creating password backup. ************************************************************************** ** This tool will be deprecated in the next major release of OpenSearch ** ** https://github.com/opensearch-project/security/issues/1755 ** ************************************************************************** Security Admin v7 Will connect to 127.0.0.1:9200 ... done Connected as "CN=admin,OU=Wazuh,O=Wazuh,L=California,C=US" OpenSearch Version: 2.10.0 Contacting opensearch cluster 'opensearch' and wait for YELLOW clusterstate ... Clustername: wazuh-cluster Clusterstate: GREEN Number of nodes: 1 Number of data nodes: 1 .opendistro_security index already exists, so we do not need to create one. Will retrieve '/config' into /etc/wazuh-indexer/backup/config.yml SUCC: Configuration for 'config' stored in /etc/wazuh-indexer/backup/config.yml Will retrieve '/roles' into /etc/wazuh-indexer/backup/roles.yml SUCC: Configuration for 'roles' stored in /etc/wazuh-indexer/backup/roles.yml Will retrieve '/rolesmapping' into /etc/wazuh-indexer/backup/roles_mapping.yml SUCC: Configuration for 'rolesmapping' stored in /etc/wazuh-indexer/backup/roles_mapping.yml Will retrieve '/internalusers' into /etc/wazuh-indexer/backup/internal_users.yml SUCC: Configuration for 'internalusers' stored in /etc/wazuh-indexer/backup/internal_users.yml Will retrieve '/actiongroups' into /etc/wazuh-indexer/backup/action_groups.yml SUCC: Configuration for 'actiongroups' stored in /etc/wazuh-indexer/backup/action_groups.yml Will retrieve '/tenants' into /etc/wazuh-indexer/backup/tenants.yml SUCC: Configuration for 'tenants' stored in /etc/wazuh-indexer/backup/tenants.yml Will retrieve '/nodesdn' into /etc/wazuh-indexer/backup/nodes_dn.yml SUCC: Configuration for 'nodesdn' stored in /etc/wazuh-indexer/backup/nodes_dn.yml Will retrieve '/whitelist' into /etc/wazuh-indexer/backup/whitelist.yml SUCC: Configuration for 'whitelist' stored in /etc/wazuh-indexer/backup/whitelist.yml Will retrieve '/allowlist' into /etc/wazuh-indexer/backup/allowlist.yml SUCC: Configuration for 'allowlist' stored in /etc/wazuh-indexer/backup/allowlist.yml Will retrieve '/audit' into /etc/wazuh-indexer/backup/audit.yml SUCC: Configuration for 'audit' stored in /etc/wazuh-indexer/backup/audit.yml 09/05/2024 08:57:31 DEBUG: Password backup created in /etc/wazuh-indexer/backup. Successfully updated the keystore 09/05/2024 08:57:31 DEBUG: Restarting filebeat service... 09/05/2024 08:57:32 DEBUG: filebeat started. 09/05/2024 08:57:32 DEBUG: Restarting wazuh-manager service... 09/05/2024 08:58:00 DEBUG: wazuh-manager started. 09/05/2024 08:58:02 DEBUG: Restarting wazuh-dashboard service... 09/05/2024 08:58:03 DEBUG: wazuh-dashboard started. 09/05/2024 08:58:03 DEBUG: Running security admin tool. 09/05/2024 08:58:03 DEBUG: Loading new passwords changes. ************************************************************************** ** This tool will be deprecated in the next major release of OpenSearch ** ** https://github.com/opensearch-project/security/issues/1755 ** ************************************************************************** Security Admin v7 Will connect to 127.0.0.1:9200 ... done Connected as "CN=admin,OU=Wazuh,O=Wazuh,L=California,C=US" OpenSearch Version: 2.10.0 Contacting opensearch cluster 'opensearch' and wait for YELLOW clusterstate ... Clustername: wazuh-cluster Clusterstate: GREEN Number of nodes: 1 Number of data nodes: 1 .opendistro_security index already exists, so we do not need to create one. Populate config from /home/ubuntu Force type: internalusers Will update '/internalusers' with /etc/wazuh-indexer/backup/internal_users.yml SUCC: Configuration for 'internalusers' created or updated SUCC: Expected 1 config types for node {"updated_config_types":["internalusers"],"updated_config_size":1,"message":null} is 1 (["internalusers"]) due to: null Done with success 09/05/2024 08:58:12 DEBUG: Passwords changed. 09/05/2024 08:58:12 DEBUG: Changing API passwords. 09/05/2024 08:58:21 INFO: Initializing Wazuh dashboard web application. 09/05/2024 08:58:21 INFO: Wazuh dashboard web application not yet initialized. Waiting... 09/05/2024 08:58:37 INFO: Wazuh dashboard web application not yet initialized. Waiting... 09/05/2024 08:58:52 INFO: Wazuh dashboard web application initialized. 09/05/2024 08:58:52 INFO: --- Summary --- 09/05/2024 08:58:52 INFO: You can access the web interface https://:443 User: admin Password: .wPhTZOna5rcq1hMRy3Gm6qgm+lFSfFd 09/05/2024 08:58:52 DEBUG: Restoring Wazuh repository. 09/05/2024 08:58:52 INFO: Installation finished. root@ip-172-31-39-91:/home/ubuntu# ```