Closed DFolchA closed 1 year ago
Tester | PR commit |
---|---|
@Rebits | d677dd2 |
OS | OS version | Deployment | Image/AMI |
---|---|---|---|
Ubuntu | 22 | EC2 | ami-003530de8839921c4 |
Amazon Linux | 2 | EC2 | ami-06cfe42abdba039eb |
macOS | Sierra | Vagrant | |
Windows Server | 2022 | Vagrant | ami-047e29beecff33db0 |
OS | Package |
---|---|
Ubuntu | Manager, Agent |
Amazon Linux | Agent |
macOS | Agent |
Windows Server | Agent |
WAZUH_MANAGER
reorderer specified managers for Linux and macOS agents. This behavior also produces a mismatch of protocols and managers, changing specified protocols by the default TCP
:red_circle: WAZUH_PROTOCOL
in Windows agent duplicate the protocol
configuration block. This could result in a final configuration in which the specified protocol is not used. Not present in 4.3.8 :red_circle: WAZUH_MANAGER
with multiple values in Windows agent fails. Not present in 4.3.8 :red_circle: N: Download is performed unsandboxed as root as file '/home/ubuntu/wazuh-agent_4.4.0-0.commitd677dd2_amd64.deb' couldn't be accessed by user '_apt'. - pkgAcquire::Run (13: Permission denied)
. Not present in 4.3.8 :red_circle:. Reported https://github.com/wazuh/wazuh-packages/issues/1709config-profile
:yellow_circle: . Detailed in https://github.com/wazuh/wazuh/issues/15150dpkg: warning: while removing wazuh-agent, directory '/usr/lib/systemd/system' not empty so not removed
. Present in 4.3.8 :yellow_circle:. Detailed in https://github.com/wazuh/wazuh-packages/issues/1879Deployment variables for Linux
- WAZUH_MANAGER - WAZUH_MANAGER_PORT - WAZUH_PROTOCOL - WAZUH_REGISTRATION_SERVER - WAZUH_REGISTRATION_PORT - WAZUH_REGISTRATION_PASSWORD - WAZUH_KEEP_ALIVE_INTERVAL - WAZUH_TIME_RECONNECT - WAZUH_REGISTRATION_CA - WAZUH_REGISTRATION_CERTIFICATE - WAZUH_REGISTRATION_KEY - WAZUH_AGENT_NAME - WAZUH_AGENT_GROUP - ENROLLMENT_DELAYDeployment variables for Windows
- WAZUH_MANAGER - WAZUH_MANAGER_PORT - WAZUH_PROTOCOL - WAZUH_REGISTRATION_SERVER - WAZUH_REGISTRATION_PORT - WAZUH_REGISTRATION_PASSWORD - WAZUH_KEEP_ALIVE_INTERVAL - WAZUH_TIME_RECONNECT - WAZUH_REGISTRATION_CA - WAZUH_REGISTRATION_CERTIFICATE - WAZUH_REGISTRATION_KEY - WAZUH_AGENT_NAME - WAZUH_AGENT_GROUP - ENROLLMENT_DELAY - /l installer.log - /l*v installer.logDeployment variables for macOS
- WAZUH_MANAGER - WAZUH_MANAGER_PORT - WAZUH_PROTOCOL - WAZUH_REGISTRATION_SERVER - WAZUH_REGISTRATION_PORT - WAZUH_REGISTRATION_PASSWORD - WAZUH_KEEP_ALIVE_INTERVAL - WAZUH_TIME_RECONNECT - WAZUH_REGISTRATION_CA - WAZUH_REGISTRATION_CERTIFICATE - WAZUH_REGISTRATION_KEY - WAZUH_AGENT_NAME - WAZUH_AGENT_GROUP - ENROLLMENT_DELAY
Some issues were detected for all OS: - Linux and macOS - Protocols and managers mismatch due to manager reordering. Managers `3.3.3.3`, `2.2.2.2`. `1.1.1.1` should use `UDP, UDP, TCP` respectively. - Managers are reordered in alphabetical order. This is not expected. - The agent should use as registration address the first manager address specified `3.3.3.3` - Windows - Multiple protocol configuration blocks, resulting in the use of a not specified protocol. (Not present in 4.3.8)AmazonLinux :red_circle:
**Command**: `WAZUH_MANAGER=3.3.3.3,2.2.2.2,1.1.1.1 WAZUH_PROTOCOL=UDP,UDP,TCP yum install wazuh-agent` **Configuration**: `````` 1.1.1.1 1514 udp 2.2.2.2 1514 udp 3.3.3.3 1514 tcp amzn, amzn2 10 60 yes aes yes 1.1.1.1 etc/authd.pass Ubuntu :red_circle:
**Command**: `WAZUH_MANAGER=3.3.3.3,2.2.2.2,1.1.1.1 WAZUH_PROTOCOL=UDP,UDP,TCP apt-get install wazuh-agent` **Configuration**: `````` 1.1.1.1 1514 udp 2.2.2.2 1514 udp 3.3.3.3 1514 tcp ubuntu, ubuntu22, ubuntu22.04 10 60 yes aes yes 1.1.1.1 etc/authd.pass Windows :red_circle:
Managers' addresses are ordered but the protocol is set two times. Not expected behavior. The final protocol used is not specified at installation time. Also, no enrollment configuration is set. **Command**: `wazuh-agent.msi /q WAZUH_MANAGER=3.3.3.3,2.2.2.2,1.1.1.1 WAZUH_PROTOCOL=UDP,UDP,TCP` **Configuration**: `````` > Notice that the default configuration for Windows Server 2022 does not include `config-profile`. 3.3.3.3 1514 udp tcp 2.2.2.2 1514 udp tcp 1.1.1.1 1514 tcp tcp aes 10 60 yes macOS :red_circle:
**Command**: `launchctl setenv WAZUH_MANAGER "3.3.3.3,2.2.2.2,1.1.1.1" WAZUH_PROTOCOL "UDP,UDP,TCP" && installer -pkg wazuh-agent-4.4.0-0.commitd677dd2.pkg -target / ` **Configuration**: `````` 1.1.1.1 1514 udp 2.2.2.2 1514 udp 3.3.3.3 1514 tcp darwin, darwin21, darwin21.1 10 60 yes aes yes 1.1.1.1 etc/authd.pass
Some issues were detected: - Windows - Windows installer fails. **Error not present in 4.3.8**AmazonLinux :green_circle:
**Command**: `WAZUH_MANAGER=1.1.1.1,wazuh-manager,3.3.3.3,testing-manager,dns-manager,MANAGER-4 WAZUH_MANAGER_PORT=7777 WAZUH_PROTOCOL=udp WAZUH_REGISTRATION_SERVER=2.2.2.2 WAZUH_REGISTRATION_PORT=8888 WAZUH_REGISTRATION_PASSWORD=password WAZUH_KEEP_ALIVE_INTERVAL=10 WAZUH_TIME_RECONNECT=10 WAZUH_REGISTRATION_CA=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_CERTIFICATE=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_KEY=/var/ossec/etc/testsslmanager.key WAZUH_AGENT_NAME=test-agent WAZUH_AGENT_GROUP=test-group ENROLLMENT_DELAY=10 yum install ./wazuh-agent-4.4.0-0.commitd677dd2.x86_64.rpm` **Configuration**: `````` 1.1.1.1 7777 udp 3.3.3.3 7777 tcp dns-manager 7777 tcp MANAGER-4 7777 tcp testing-manager 7777 tcp wazuh-manager 7777 tcp amzn, amzn2 10 10 yes aes yes 2.2.2.2 8888 test-agent test-group /var/ossec/etc/testsslmanager.cert /var/ossec/etc/testsslmanager.cert /var/ossec/etc/testsslmanager.key etc/authd.pass 10 Ubuntu :green_circle:
**Command**: `WAZUH_MANAGER=1.1.1.1,wazuh-manager,3.3.3.3,testing-manager,dns-manager,MANAGER-4 WAZUH_MANAGER_PORT=7777 WAZUH_PROTOCOL=udp WAZUH_REGISTRATION_SERVER=2.2.2.2 WAZUH_REGISTRATION_PORT=8888 WAZUH_REGISTRATION_PASSWORD=password WAZUH_KEEP_ALIVE_INTERVAL=10 WAZUH_TIME_RECONNECT=10 WAZUH_REGISTRATION_CA=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_CERTIFICATE=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_KEY=/var/ossec/etc/testsslmanager.key WAZUH_AGENT_NAME=test-agent WAZUH_AGENT_GROUP=test-group ENROLLMENT_DELAY=10 apt-get install ./wazuh-agent_4.4.0-0.commitd677dd2_amd64.deb` **Command**: `````` 1.1.1.1 7777 udp 3.3.3.3 7777 tcp dns-manager 7777 tcp MANAGER-4 7777 tcp testing-manager 7777 tcp wazuh-manager 7777 tcp ubuntu, ubuntu22, ubuntu22.04 10 10 yes aes yes 2.2.2.2 8888 test-agent test-group /var/ossec/etc/testsslmanager.cert /var/ossec/etc/testsslmanager.cert /var/ossec/etc/testsslmanager.key etc/authd.pass 10 Windows :red_circle: :warning:
Error during agent installation **Command**: `.\wazuh-agent.msi /q WAZUH_MANAGER=1.1.1.1,wazuh-manager,3.3.3.3,testing-manager,dns-manager,MANAGER-4 WAZUH_MANAGER_PORT=7777 WAZUH_PROTOCOL=udp WAZUH_REGISTRATION_SERVER=2.2.2.2 WAZUH_REGISTRATION_PORT=8888 WAZUH_REGISTRATION_PASSWORD=password WAZUH_KEEP_ALIVE_INTERVAL=10 WAZUH_TIME_RECONNECT=10 WAZUH_REGISTRATION_CA=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_CERTIFICATE=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_KEY=/var/ossec/etc/testsslmanager.key WAZUH_AGENT_NAME=test-agent WAZUH_AGENT_GROUP=test-group ENROLLMENT_DELAY=10 /l*v installer.log` **installer.log**: [installer.zip](https://github.com/wazuh/wazuh-qa/files/9734067/installer.zip)macOS :green_circle:
**Command**: `setenv WAZUH_MANAGER "1.1.1.1,wazuh-manager,3.3.3.3,testing-manager,dns-manager,MANAGER-4" WAZUH_MANAGER_PORT "7777" WAZUH_PROTOCOL "udp" WAZUH_REGISTRATION_SERVER "2.2.2.2" WAZUH_REGISTRATION_PORT "8888" WAZUH_REGISTRATION_PASSWORD "password" WAZUH_KEEP_ALIVE_INTERVAL "10" WAZUH_TIME_RECONNECT "10" WAZUH_REGISTRATION_CA "/var/ossec/etc/testsslmanager.cert" WAZUH_REGISTRATION_CERTIFICATE "/var/ossec/etc/testsslmanager.cert" WAZUH_REGISTRATION_KEY "/var/ossec/etc/testsslmanager.key" WAZUH_AGENT_NAME "test-agent" WAZUH_AGENT_GROUP "test-group" ENROLLMENT_DELAY "10" && installer -pkg wazuh-agent-4.4.0-0.commitd677dd2.pkg -target /;` **Configuration**: `````` 1.1.1.1 7777 udp 3.3.3.3 7777 tcp MANAGER-4 7777 tcp dns-manager 7777 tcp testing-manager 7777 tcp wazuh-manager 7777 tcp darwin, darwin21, darwin21.1 10 10 yes aes yes 2.2.2.2 8888 test-agent test-group /var/ossec/etc/testsslmanager.cert /var/ossec/etc/testsslmanager.cert /var/ossec/etc/testsslmanager.key etc/authd.pass 10
- Linux and macOS - Protocols and managers mismatch due to manager reordering. - Managers are reordered in alphabetical order. This is not expected. - Windows - Multiple protocol configuration blocks, resulting in the use of a not specified protocol. (Not present in 4.3.8)AmazonLinux :red_circle:
**Command**: `WAZUH_MANAGER=1.1.1.1,wazuh-manager,3.3.3.3,testing-manager,dns-manager,MANAGER-4 WAZUH_MANAGER_PORT=7777 WAZUH_PROTOCOL=udp,tcp,udp,tcp,udp,tcp,udp,tcp WAZUH_REGISTRATION_SERVER=2.2.2.2 WAZUH_REGISTRATION_PORT=8888 WAZUH_REGISTRATION_PASSWORD=password WAZUH_KEEP_ALIVE_INTERVAL=10 WAZUH_TIME_RECONNECT=10 WAZUH_REGISTRATION_CA=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_CERTIFICATE=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_KEY=/var/ossec/etc/testsslmanager.key WAZUH_AGENT_NAME=test-agent WAZUH_AGENT_GROUP=test-group ENROLLMENT_DELAY=10 yum install ./wazuh-agent-4.4.0-0.commitd677dd2.x86_64.rpm` **Configuration**: `````` 1.1.1.1 7777 udp 3.3.3.3 7777 tcp dns-manager 7777 udp MANAGER-4 7777 tcp testing-manager 7777 udp wazuh-manager 7777 tcp amzn, amzn2 10 10 yes aes yes 2.2.2.2 8888 test-agent test-group /var/ossec/etc/testsslmanager.cert /var/ossec/etc/testsslmanager.cert /var/ossec/etc/testsslmanager.key etc/authd.pass 10 Ubuntu :red_circle:
**Command**: `WAZUH_MANAGER=1.1.1.1,wazuh-manager,3.3.3.3,testing-manager,dns-manager,MANAGER-4 WAZUH_MANAGER_PORT=7777 WAZUH_PROTOCOL=udp,tcp,udp,tcp,udp,tcp,udp,tcp WAZUH_REGISTRATION_SERVER=2.2.2.2 WAZUH_REGISTRATION_PORT=8888 WAZUH_REGISTRATION_PASSWORD=password WAZUH_KEEP_ALIVE_INTERVAL=10 WAZUH_TIME_RECONNECT=10 WAZUH_REGISTRATION_CA=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_CERTIFICATE=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_KEY=/var/ossec/etc/testsslmanager.key WAZUH_AGENT_NAME=test-agent WAZUH_AGENT_GROUP=test-group ENROLLMENT_DELAY=10 apt-get install ./wazuh-agent_4.4.0-0.commitd677dd2_amd64.deb` **Configuration**: `````` 1.1.1.1 7777 udp 3.3.3.3 7777 tcp dns-manager 7777 udp MANAGER-4 7777 tcp testing-manager 7777 udp wazuh-manager 7777 tcp ubuntu, ubuntu22, ubuntu22.04 10 10 yes aes yes 2.2.2.2 8888 test-agent test-group /var/ossec/etc/testsslmanager.cert /var/ossec/etc/testsslmanager.cert /var/ossec/etc/testsslmanager.key etc/authd.pass 10 Windows :red_circle:
**Command**: `.\wazuh-agent.msi /q WAZUH_MANAGER=1.1.1.1,wazuh-manager,3.3.3.3,testing-manager,dns-manager,MANAGER-4 WAZUH_MANAGER_PORT=7777 WAZUH_PROTOCOL=udp,tcp,udp,tcp,udp,tcp,udp,tcp WAZUH_REGISTRATION_SERVER=2.2.2.2 WAZUH_REGISTRATION_PORT=8888 WAZUH_REGISTRATION_PASSWORD=password WAZUH_KEEP_ALIVE_INTERVAL=10 WAZUH_TIME_RECONNECT=10 WAZUH_REGISTRATION_CA=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_CERTIFICATE=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_KEY=/var/ossec/etc/testsslmanager.key WAZUH_AGENT_NAME=test-agent WAZUH_AGENT_GROUP=test-group ENROLLMENT_DELAY=10 /l*v installer.log ` **Configuration**: `````` 1.1.1.1 7777 udp tcp wazuh-manager 7777 tcp tcp 3.3.3.3 7777 udp tcp testing-manager 7777 tcp tcp dns-manager 7777 udp tcp MANAGER-4 7777 tcp tcp aes 10 10 yes yes 2.2.2.2 8888 authd.pass /var/ossec/etc/testsslmanager.cert /var/ossec/etc/testsslmanager.cert /var/ossec/etc/testsslmanager.key test-agent test-group 10 macOS :red_circle:
**Command**: `setenv WAZUH_MANAGER "1.1.1.1,wazuh-manager,3.3.3.3,testing-manager,dns-manager,MANAGER-4" WAZUH_MANAGER_PORT "7777" WAZUH_PROTOCOL "udp,tcp,udp,tcp,udp,tcp,udp,tcp" WAZUH_REGISTRATION_SERVER "2.2.2.2" WAZUH_REGISTRATION_PORT "8888" WAZUH_REGISTRATION_PASSWORD "password" WAZUH_KEEP_ALIVE_INTERVAL "10" WAZUH_TIME_RECONNECT "10" WAZUH_REGISTRATION_CA "/var/ossec/etc/testsslmanager.cert" WAZUH_REGISTRATION_CERTIFICATE "/var/ossec/etc/testsslmanager.cert" WAZUH_REGISTRATION_KEY "/var/ossec/etc/testsslmanager.key" WAZUH_AGENT_NAME "test-agent" WAZUH_AGENT_GROUP "test-group" ENROLLMENT_DELAY "10" && installer -pkg wazuh-agent-4.4.0-0.commitd677dd2.pkg -target /;` **Configuration**: `````` 1.1.1.1 7777 udp 3.3.3.3 7777 tcp MANAGER-4 7777 udp dns-manager 7777 tcp testing-manager 7777 udp wazuh-manager 7777 tcp darwin, darwin21, darwin21.1 10 10 yes aes yes 2.2.2.2 8888 test-agent test-group /var/ossec/etc/testsslmanager.cert /var/ossec/etc/testsslmanager.cert /var/ossec/etc/testsslmanager.key etc/authd.pass 10
Some issues were detected - Windows - Error during agent installation. (Not present in 4.3.8)AmazonLinux :green_circle:
**Command**: `WAZUH_MANAGER="1,2,3,4,5,6,7,8,9" yum install ./wazuh-agent-4.4.0-0.commitd677dd2.x86_64.rpm` **Configuration**: ```1 1514 tcp 2 1514 tcp 3 1514 tcp 4 1514 tcp 5 1514 tcp 6 1514 tcp 7 1514 tcp 8 1514 tcp 9 ```1514 tcp Ubuntu :green_circle:
**Command**: `WAZUH_MANAGER="1,2,3,4,5,6,7,8,9" apt-get install ./wazuh-agent_4.4.0-0.commitd677dd2_amd64.deb` **Configuration**: ```1 1514 tcp 2 1514 tcp 3 1514 tcp 4 1514 tcp 5 1514 tcp 6 1514 tcp 7 1514 tcp 8 1514 tcp 9 ```1514 tcp Windows :red_circle: :warning:
Error installing windows agent **Command**: `.\wazuh-agent.msi /q WAZUH_MANAGER="1,2,3,4,5,6,7,8,9" /l*v installer.log` **installer.log**: [installer.zip](https://github.com/wazuh/wazuh-qa/files/9734606/installer.zip)**macOS :green_circle:
**Command** ```1 1514 tcp 2 1514 tcp 3 1514 tcp 4 1514 tcp 5 1514 tcp 6 1514 tcp 7 1514 tcp 8 1514 tcp 9 ```1514 tcp
AmazonLinux :green_circle:
**Command**: `WAZUH_MANAGER_PORT="9991" yum install ./wazuh-agent-4.4.0-0.commitd677dd2.x86_64.rpm ` **Configuration**: `````` MANAGER_IP 9991 tcp amzn, amzn2 10 60 yes aes Ubuntu :green_circle:
**Command**: `WAZUH_MANAGER_PORT="9991" apt-get install ./wazuh-agent_4.4.0-0.commitd677dd2_amd64.deb` **Configuration**: `````` MANAGER_IP 9991 tcp ubuntu, ubuntu22, ubuntu22.04 10 60 yes aes Windows :green_circle:
**Command**: `.\wazuh-agent.msi /q WAZUH_MANAGER_PORT="9991"` **Configuration** `````` 0.0.0.0 9991 tcp aes 10 60 yes macOS :green_circle:
**Command**: `launchctl setenv WAZUH_MANAGER_PORT "9991"&& installer -pkg wazuh-agent-4.4.0-0.commitd677dd2.pkg -target /;` **Configuration**: `````` MANAGER_IP 9991 tcp darwin, darwin21, darwin21.1 10 60 yes aes
AmazonLinux :green_circle:
**Command**: `WAZUH_PROTOCOL="udp,tcp,udp,tcp,tcp" yum install ./wazuh-agent-4.4.0-0.commitd677dd2.x86_64.rpm` **Configuration**: `````` MANAGER_IP 1514 udp amzn, amzn2 10 60 yes aes Ubuntu :green_circle:
**Command**: `WAZUH_PROTOCOL="udp,tcp,udp,tcp,tcp" apt-get install ./wazuh-agent_4.4.0-0.commitd677dd2_amd64.deb` **Configuration**: `````` MANAGER_IP 1514 udp ubuntu, ubuntu22, ubuntu22.04 10 60 yes aes Windows :green_circle:
**Command**: `wazuh-agent.msi /q WAZUH_PROTOCOL="udp,tcp,udp,tcp,tcp"` **Configuration**: `````` 0.0.0.0 1514 udp aes 10 60 yes macOS :green_circle:
**Command**: `launchctl setenv WAZUH_PROTOCOL "udp,tcp,udp,tcp,tcp" && installer -pkg wazuh-agent-4.4.0-0.commitd677dd2.pkg -target /; ` **Configuration**: `````` MANAGER_IP 1514 udp darwin, darwin21, darwin21.1 10 60 yes aes
AmazonLinux :green_circle:
**Command**: `WAZUH_REGISTRATION_SERVER="wazuh-reg-server" yum install ./wazuh-agent-4.4.0-0.commitd677dd2.x86_64.rpm` **Configuration**: `````` MANAGER_IP 1514 tcp amzn, amzn2 10 60 yes aes yes wazuh-reg-server etc/authd.pass Ubuntu :green_circle:
**Command**: `WAZUH_REGISTRATION_SERVER=wazuh-reg-server"" apt-get install ./wazuh-agent_4.4.0-0.commitd677dd2_amd64.deb` **Configuration**: `````` MANAGER_IP 1514 tcp ubuntu, ubuntu22, ubuntu22.04 10 60 yes aes yes wazuh-reg-server etc/authd.pass Windows :green_circle:
**Command**: `.\wazuh-agent.msi /q WAZUH_REGISTRATION_SERVER="wazuh-reg-server"` **Configuration**: `````` 0.0.0.0 1514 tcp aes 10 60 yes yes wazuh-reg-server macOS :green_circle:
**Command**: `launchctl setenv WAZUH_REGISTRATION_SERVER "wazuh-reg-server" && installer -pkg wazuh-agent-4.4.0-0.commitd677dd2.pkg -target /;` **Configuration**: `````` MANAGER_IP 1514 tcp darwin, darwin21, darwin21.1 10 60 yes aes yes wazuh-reg-server etc/authd.pass
AmazonLinux :green_circle:
**Command**: `WAZUH_REGISTRATION_PORT="39482" yum install ./wazuh-agent-4.4.0-0.commitd677dd2.x86_64.rpm` **Configuration**: `````` MANAGER_IP 1514 tcp amzn, amzn2 10 60 yes aes yes 39482 etc/authd.pass Ubuntu :green_circle:
**Command**: `WAZUH_REGISTRATION_PORT="39482" apt-get install ./wazuh-agent_4.4.0-0.commitd677dd2_amd64.deb` **Configuration**: `````` MANAGER_IP 1514 tcp ubuntu, ubuntu22, ubuntu22.04 10 60 yes aes yes 39482 etc/authd.pass Windows :green_circle:
**Command**: `.\wazuh-agent.msi /q WAZUH_REGISTRATION_PORT="39482"` **Configuration**: `````` 0.0.0.0 1514 tcp aes 10 60 yes yes 39482 macOS :green_circle:
**Command**: `launchctl setenv WAZUH_REGISTRATION_PORT "39482" && installer -pkg wazuh-agent-4.4.0-0.commitd677dd2.pkg -target /;` **Configuration**: `````` MANAGER_IP 1514 tcp darwin, darwin21, darwin21.1 10 60 yes aes yes 39482 etc/authd.pass
AmazonLinux :green_circle:
**Command**: `WAZUH_REGISTRATION_PASSWORD="39482-PASSWORD-Testing" yum install ./wazuh-agent-4.4.0-0.commitd677dd2.x86_64.rpm` **Configuration**: `````` ``` [root@ip-172-31-5-208 qa]# cat /var/ossec/etc/authd.pass 39482-PASSWORD-Testing ``` MANAGER_IP 1514 tcp amzn, amzn2 10 60 yes aes yes etc/authd.pass Ubuntu :green_circle:
**Command**: `WAZUH_REGISTRATION_PASSWORD="39482-PASSWORD-Testing" apt-get install ./wazuh-agent_4.4.0-0.commitd677dd2_amd64.deb` **Configuration**: `````` ``` root@ip-172-31-15-71:/home/qa# cat /var/ossec/etc/authd.pass 39482-PASSWORD-Testing ``` MANAGER_IP 1514 tcp ubuntu, ubuntu22, ubuntu22.04 10 60 yes aes yes etc/authd.pass Windows :green_circle:
**Command**: `.\wazuh-agent.msi /q WAZUH_REGISTRATION_PASSWORD="39482-PASSWORD-Testing"` **Configuration**: `````` `authd.pass`: `39482-PASSWORD-Testing` 0.0.0.0 1514 tcp aes 10 60 yes yes authd.pass macOS :green_circle:
**Command**: `launchctl setenv WAZUH_REGISTRATION_PASSWORD "39482-PASSWORD-Testing" && installer -pkg wazuh-agent-4.4.0-0.commitd677dd2.pkg -target /;` **Configuration**: `````` `auth.pass`: ``` sh-3.2# cat /Library/Ossec/etc/authd.pass 39482-PASSWORD-Testing sh-3.2# ls -la /Library/Ossec/etc/authd.pass -rw-r--r-- 1 root wazuh 23 Oct 7 16:53 /Library/Ossec/etc/authd.pass ``` MANAGER_IP 1514 tcp darwin, darwin21, darwin21.1 10 60 yes aes yes etc/authd.pass
AmazonLinux :green_circle:
**Command**: `WAZUH_KEEP_ALIVE_INTERVAL="1234" yum install ./wazuh-agent-4.4.0-0.commitd677dd2.x86_64.rpm` **Configuration**: `````` MANAGER_IP 1514 tcp amzn, amzn2 1234 60 yes aes Ubuntu :green_circle:
**Command**: `WAZUH_KEEP_ALIVE_INTERVAL="1234" apt-get install ./wazuh-agent_4.4.0-0.commitd677dd2_amd64.deb` **Configuration** `````` MANAGER_IP 1514 tcp ubuntu, ubuntu22, ubuntu22.04 1234 60 yes aes Windows :green_circle:
**Command**: `.\wazuh-agent.msi /q WAZUH_KEEP_ALIVE_INTERVAL="1234" ` **Configuration**: `````` 0.0.0.0 1514 tcp aes 1234 60 yes macOS :green_circle:
**Command**: `launchctl setenv WAZUH_KEEP_ALIVE_INTERVAL "1234" && installer -pkg wazuh-agent-4.4.0-0.commitd677dd2.pkg -target /;` **Configuration**: `````` MANAGER_IP 1514 tcp darwin, darwin21, darwin21.1 1234 60 yes aes
AmazonLinux :green_circle:
**Command**: `WAZUH_TIME_RECONNECT="39482" yum install ./wazuh-agent-4.4.0-0.commitd677dd2.x86_64.rpm` **Configuration**: `````` MANAGER_IP 1514 tcp amzn, amzn2 10 39482 yes aes Ubuntu :green_circle:
**Command**: `WAZUH_TIME_RECONNECT="39482" apt-get install ./wazuh-agent_4.4.0-0.commitd677dd2_amd64.deb` **Configuration**: `````` MANAGER_IP 1514 tcp ubuntu, ubuntu22, ubuntu22.04 10 39482 yes aes Windows :green_circle:
**Command**: `.\wazuh-agent.msi /q WAZUH_TIME_RECONNECT="39482"` **Configuration**: `````` 0.0.0.0 1514 tcp aes 10 39482 yes macOS :green_circle:
**Command**: `launchctl setenv WAZUH_TIME_RECONNECT "39482" && installer -pkg wazuh-agent-4.4.0-0.commitd677dd2.pkg -target /;` **Configuration**: `````` MANAGER_IP 1514 tcp darwin, darwin21, darwin21.1 10 39482 yes aes
AmazonLinux :green_circle:
**Command**: `` **Configuration**: `````` MANAGER_IP 1514 tcp amzn, amzn2 10 60 yes aes yes /tmp/custom_path etc/authd.pass Ubuntu :green_circle:
**Command**: `WAZUH_REGISTRATION_CA="/tmp/custom_path" apt-get install ./wazuh-agent_4.4.0-0.commitd677dd2_amd64.deb` **Configuration**: `````` MANAGER_IP 1514 tcp ubuntu, ubuntu22, ubuntu22.04 10 60 yes aes yes /tmp/custom_path etc/authd.pass Windows :green_circle:
**Command**: `.\wazuh-agent.msi /q WAZUH_REGISTRATION_CA="/tmp/custom_path" ` **Configuration**: `````` 0.0.0.0 1514 tcp aes 10 60 yes yes /tmp/custom_path macOS :green_circle:
**Command**: `launchctl setenv WAZUH_REGISTRATION_CA "/tmp/custom_path" && installer -pkg wazuh-agent-4.4.0-0.commitd677dd2.pkg -target /;` **Configuration**: `````` MANAGER_IP 1514 tcp darwin, darwin21, darwin21.1 10 60 yes aes yes /tmp/custom_path etc/authd.pass
AmazonLinux :green_circle:
**Command**: `WAZUH_REGISTRATION_CERTIFICATE=/tmp/example_path yum install ./wazuh-agent-4.4.0-0.commitd677dd2.x86_64.rpm` **Configuration**: `````` MANAGER_IP 1514 tcp amzn, amzn2 10 60 yes aes yes /tmp/example_path etc/authd.pass Ubuntu :green_circle:
**Command**: `WAZUH_REGISTRATION_CERTIFICATE=/tmp/example_path apt-get install ./wazuh-agent_4.4.0-0.commitd677dd2_amd64.deb` **Configuration**: `````` MANAGER_IP 1514 tcp ubuntu, ubuntu22, ubuntu22.04 10 60 yes aes yes /tmp/example_path etc/authd.pass Windows :green_circle:
**Command**: `.\wazuh-agent.msi /q WAZUH_REGISTRATION_CERTIFICATE=C:\example` **Configuration**: `````` 0.0.0.0 1514 tcp aes 10 60 yes yes C:\example macOS :green_circle:
**Command**: `launchctl setenv WAZUH_REGISTRATION_CERTIFICATE "/tmp/example_path" && installer -pkg wazuh-agent-4.4.0-0.commitd677dd2.pkg -target /;` **Configuration**: `````` MANAGER_IP 1514 tcp darwin, darwin21, darwin21.1 10 60 yes aes yes /tmp/example_path etc/authd.pass
AmazonLinux :green_circle:
**Command**: `WAZUH_REGISTRATION_KEY=/tmp/example_path yum install ./wazuh-agent-4.4.0-0.commitd677dd2.x86_64.rpm` **Configuration**: `````` MANAGER_IP 1514 tcp amzn, amzn2 10 60 yes aes yes /tmp/example_path etc/authd.pass Ubuntu :green_circle:
**Command**: `WAZUH_REGISTRATION_KEY=/tmp/example_path apt-get install ./wazuh-agent_4.4.0-0.commitd677dd2_amd64.deb` **Configuration**: `````` MANAGER_IP 1514 tcp ubuntu, ubuntu22, ubuntu22.04 10 60 yes aes yes /tmp/example_path etc/authd.pass Windows :green_circle:
**Command**: `.\wazuh-agent.msi /q WAZUH_REGISTRATION_KEY=C:\example ` **Configuration**: `````` 0.0.0.0 1514 tcp aes 10 60 yes yes C:\example macOS :green_circle:
**Command**: `launchctl setenv WAZUH_REGISTRATION_KEY "/tmp/example_path" && installer -pkg wazuh-agent-4.4.0-0.commitd677dd2.pkg -target /;` **Configuration**: `````` MANAGER_IP 1514 tcp darwin, darwin21, darwin21.1 10 60 yes aes yes /tmp/example_path etc/authd.pass
AmazonLinux :green_circle:
**Command**: ` WAZUH_AGENT_NAME=1234_Testing-agent.name yum install ./wazuh-agent-4.4.0-0.commitd677dd2.x86_64.rpm` **Configuration**: `````` MANAGER_IP 1514 tcp amzn, amzn2 10 60 yes aes yes 1234_Testing-agent.name etc/authd.pass Ubuntu :green_circle:
**Command**: `WAZUH_AGENT_NAME=1234_Testing-agent.name apt-get install ./wazuh-agent_4.4.0-0.commitd677dd2_amd64.deb` **Configuration**: `````` MANAGER_IP 1514 tcp ubuntu, ubuntu22, ubuntu22.04 10 60 yes aes yes 1234_Testing-agent.name etc/authd.pass Windows :green_circle:
**Command**: `.\wazuh-agent.msi /q WAZUH_AGENT_NAME=1234_Testing-agent.name` **Configuration**: `````` 0.0.0.0 1514 tcp aes 10 60 yes yes 1234_Testing-agent.name macOS :green_circle:
**Command**: `launchctl setenv WAZUH_AGENT_NAME "1234_Testing-agent.name" && installer -pkg wazuh-agent-4.4.0-0.commitd677dd2.pkg -target /;` **Configuration**: `````` MANAGER_IP 1514 tcp darwin, darwin21, darwin21.1 10 60 yes aes yes 1234_Testing-agent.name etc/authd.pass
AmazonLinux :green_circle:
**Command**: `WAZUH_AGENT_GROUP=testing1,testing2,123455,group,group4,group5,a,b,c,d,e,f,g,hi,j,k,1,2,3,4,5,6,7,8,9,0,11,12,13 yum install ./wazuh-agent-4.4.0-0.commitd677dd2.x86_64.rpm` **Configuration**: `````` MANAGER_IP 1514 tcp amzn, amzn2 10 60 yes aes yes testing1,testing2,123455,group,group4,group5,a,b,c,d,e,f,g,hi,j,k,1,2,3,4,5,6,7,8,9,0,11,12,13 etc/authd.pass Ubuntu :green_circle:
**Command**: `WAZUH_AGENT_GROUP=testing1,testing2,123455,group,group4,group5,a,b,c,d,e,f,g,hi,j,k,1,2,3,4,5,6,7,8,9,0,11,12,13 apt-get install ./wazuh-agent_4.4.0-0.commitd677dd2_amd64.deb` **Configuration**: `````` MANAGER_IP 1514 tcp ubuntu, ubuntu22, ubuntu22.04 10 60 yes aes yes testing1,testing2,123455,group,group4,group5,a,b,c,d,e,f,g,hi,j,k,1,2,3,4,5,6,7,8,9,0,11,12,13 etc/authd.pass Windows :green_circle:
**Command**: `.\wazuh-agent.msi /q WAZUH_AGENT_GROUP=testing1,testing2,123455,group,group4,group5,a,b,c,d,e,f,g,hi,j,k,1,2,3,4,5,6,7,8,9,0,11,12,13 ` **Configuration**: `````` 0.0.0.0 1514 tcp aes 10 60 yes yes testing1,testing2,123455,group,group4,group5,a,b,c,d,e,f,g,hi,j,k,1,2,3,4,5,6,7,8,9,0,11,12,13 macOS :green_circle:
**Command**: `setenv WAZUH_AGENT_GROUP "testing1,testing2,123455,group,group4,group5,a,b,c,d,e,f,g,hi,j,k,1,2,3,4,5,6,7,8,9,0,11,12,13" && installer -pkg wazuh-agent-4.4.0-0.commitd677dd2.pkg -target /;` **Configuration**: `````` MANAGER_IP 1514 tcp darwin, darwin21, darwin21.1 10 60 yes aes yes testing1,testing2,123455,group,group4,group5,a,b,c,d,e,f,g,hi,j,k,1,2,3,4,5,6,7,8,9,0,11,12,13 etc/authd.pass
AmazonLinux :green_circle:
**Command**: `ENROLLMENT_DELAY=693 yum install ./wazuh-agent-4.4.0-0.commitd677dd2.x86_64.rpm` **Configuration**: `````` MANAGER_IP 1514 tcp amzn, amzn2 10 60 yes aes yes etc/authd.pass 693 Ubuntu :green_circle:
**Command**: `ENROLLMENT_DELAY=693 apt-get install ./wazuh-agent_4.4.0-0.commitd677dd2_amd64.deb` **Configuration**: `````` MANAGER_IP 1514 tcp ubuntu, ubuntu22, ubuntu22.04 10 60 yes aes yes etc/authd.pass 693 Windows :green_circle:
**Command**: `.\wazuh-agent.msi /q ENROLLMENT_DELAY=693` **Configuration**: `````` 0.0.0.0 1514 tcp aes 10 60 yes yes 693 macOS :green_circle:
**Command**: `launchctl setenv ENROLLMENT_DELAY "693" && installer -pkg wazuh-agent-4.4.0-0.commitd677dd2.pkg -target /;` **Configuration**: `````` MANAGER_IP 1514 tcp darwin, darwin21, darwin21.1 10 60 yes aes yes etc/authd.pass 693
Windows :green_circle:
**Command**: `.\wazuh-agent.msi /q /l installer.lo` **Configuration**: `````` **install.log**: ``` === Logging started: 10/7/2022 10:42:17 === Action start 10:42:17: INSTALL. Action start 10:42:17: FindRelatedProducts. Action ended 10:42:17: FindRelatedProducts. Return value 1. Action start 10:42:17: AppSearch. Action ended 10:42:17: AppSearch. Return value 1. Action start 10:42:17: CheckSvcRunning. Action ended 10:42:17: CheckSvcRunning. Return value 0. Action start 10:42:17: ValidateProductID. Action ended 10:42:17: ValidateProductID. Return value 1. Action start 10:42:17: CostInitialize. Action ended 10:42:17: CostInitialize. Return value 1. Action start 10:42:17: FileCost. Action ended 10:42:17: FileCost. Return value 1. Action start 10:42:17: WixSetDefaultPerUserFolder. Action ended 10:42:17: WixSetDefaultPerUserFolder. Return value 1. Action start 10:42:17: WixSetDefaultPerMachineFolder. Action ended 10:42:17: WixSetDefaultPerMachineFolder. Return value 1. Action start 10:42:17: WixSetPerMachineFolder. Action ended 10:42:17: WixSetPerMachineFolder. Return value 1. Action start 10:42:17: CostFinalize. Action ended 10:42:17: CostFinalize. Return value 1. Action start 10:42:17: MigrateFeatureStates. Action ended 10:42:17: MigrateFeatureStates. Return value 0. Action start 10:42:17: InstallValidate. Action ended 10:42:17: InstallValidate. Return value 1. Action start 10:42:17: InstallInitialize. Action ended 10:42:17: InstallInitialize. Return value 1. Action start 10:42:17: SetCustomActionDataValue. Action ended 10:42:17: SetCustomActionDataValue. Return value 1. Action start 10:42:17: CustomAction_InstallerScripts. Action ended 10:42:18: CustomAction_InstallerScripts. Return value 1. Action start 10:42:18: ProcessComponents. Action ended 10:42:18: ProcessComponents. Return value 1. Action start 10:42:18: UnpublishFeatures. Action ended 10:42:18: UnpublishFeatures. Return value 1. Action start 10:42:18: SchedSecureObjectsRollback. SchedSecureObjectsRollback: Entering SchedSecureObjectsRollback in C:\Windows\Installer\MSIB9A4.tmp, version 3.11.4516.0 SchedSecureObjectsRollback: Failed to store ACL rollback information with error 0x80070002 - continuing Action ended 10:42:18: SchedSecureObjectsRollback. Return value 1. Action start 10:42:18: StopServices. Action ended 10:42:18: StopServices. Return value 1. Action start 10:42:18: DeleteServices. Action ended 10:42:18: DeleteServices. Return value 1. Action start 10:42:18: RemoveRegistryValues. ".\installer.log" [converted] 101L, 5898B ``` 0.0.0.0 1514 tcp aes 10 60 yes
Windows :green_circle:
**Command**: `.\wazuh-agent.msi /q /l*v installer.log` **Configuration**: `````` **installer.log**: ``` === Verbose logging started: 10/7/2022 10:45:05 Build type: SHIP UNICODE 5.00.10011.00 Calling process: C:\Windows\System32\msiexec.exe ===^M MSI (c) (78:64) [10:45:05:076]: Resetting cached policy values^M MSI (c) (78:64) [10:45:05:076]: Machine policy value 'Debug' is 0^M MSI (c) (78:64) [10:45:05:076]: ******* RunEngine:^M ******* Product: C:\Users\qa\wazuh-agent.msi^M ******* Action: ^M ******* CommandLine: **********^M MSI (c) (78:64) [10:45:05:076]: Client-side and UI is none or basic: Running entire install on the server.^M MSI (c) (78:64) [10:45:05:076]: Grabbed execution mutex.^M MSI (c) (78:64) [10:45:05:092]: Cloaking enabled.^M MSI (c) (78:64) [10:45:05:092]: Attempting to enable all disabled privileges before calling Install on Server^M MSI (c) (78:64) [10:45:05:092]: Incrementing counter to disable shutdown. Counter after increment: 0^M MSI (s) (9C:EC) [10:45:05:108]: Running installation inside multi-package transaction C:\Users\qa\wazuh-agent.msi^M MSI (s) (9C:EC) [10:45:05:108]: Grabbed execution mutex.^M MSI (s) (9C:08) [10:45:05:108]: Resetting cached policy values^M MSI (s) (9C:08) [10:45:05:108]: Machine policy value 'Debug' is 0^M MSI (s) (9C:08) [10:45:05:108]: ******* RunEngine:^M ******* Product: C:\Users\qa\wazuh-agent.msi^M ******* Action: ^M ******* CommandLine: **********^M MSI (s) (9C:08) [10:45:05:108]: Machine policy value 'DisableUserInstalls' is 0^M MSI (s) (9C:08) [10:45:05:108]: Note: 1: 2203 2: C:\Windows\Installer\inprogressinstallinfo.ipi 3: -2147287038 ^M MSI (s) (9C:08) [10:45:05:108]: SRSetRestorePoint skipped for this transaction.^M MSI (s) (9C:08) [10:45:05:108]: Note: 1: 1402 2: HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer 3: 2 ^M MSI (s) (9C:08) [10:45:05:108]: File will have security applied from OpCode.^M MSI (s) (9C:08) [10:45:05:108]: SOFTWARE RESTRICTION POLICY: Verifying package --> 'C:\Users\qa\wazuh-agent.msi' against software restriction policy^M MSI (s) (9C:08) [10:45:05:108]: Note: 1: 2262 2: ^EDigitalSignature 3: -2147287038 ^M MSI (s) (9C:08) [10:45:05:108]: SOFTWARE RESTRICTION POLICY: C:\Users\qa\wazuh-agent.msi is not digitally signed^M MSI (s) (9C:08) [10:45:05:108]: SOFTWARE RESTRICTION POLICY: C:\Users\qa\wazuh-agent.msi is permitted to run at the 'unrestricted' authorization level.^M MSI (s) (9C:08) [10:45:05:108]: MSCOREE not loaded loading copy from system32^M MSI (s) (9C:08) [10:45:05:123]: End dialog not enabled^M MSI (s) (9C:08) [10:45:05:123]: Original package ==> C:\Users\qa\wazuh-agent.msi^M MSI (s) (9C:08) [10:45:05:123]: Package we're running from ==> C:\Windows\Installer\584ed3.msi^M MSI (s) (9C:08) [10:45:05:123]: APPCOMPAT: Compatibility mode property overrides found.^M MSI (s) (9C:08) [10:45:05:123]: APPCOMPAT: looking for appcompat database entry with ProductCode '{5290B60A-A5D5-493B-864F-FCE6C045AA26}'.^M MSI (s) (9C:08) [10:45:05:123]: APPCOMPAT: no matching ProductCode found in database.^M MSI (s) (9C:08) [10:45:05:123]: Machine policy value 'TransformsSecure' is 1^M MSI (s) (9C:08) [10:45:05:123]: Machine policy value 'DisablePatch' is 0^M MSI (s) (9C:08) [10:45:05:123]: Machine policy value 'AllowLockdownPatch' is 0^M MSI (s) (9C:08) [10:45:05:123]: Machine policy value 'DisableLUAPatching' is 0^M MSI (s) (9C:08) [10:45:05:123]: Machine policy value 'DisableFlyWeightPatching' is 0^M MSI (s) (9C:08) [10:45:05:123]: APPCOMPAT: looking for appcompat database entry with ProductCode '{5290B60A-A5D5-493B-864F-FCE6C045AA26}'.^M MSI (s) (9C:08) [10:45:05:123]: APPCOMPAT: no matching ProductCode found in database.^M MSI (s) (9C:08) [10:45:05:123]: Transforms are not secure.^M MSI (s) (9C:08) [10:45:05:123]: PROPERTY CHANGE: Adding MsiLogFileLocation property. Its value is 'C:\Users\qa\installer.log'.^M ".\installer.log" [converted][unix] 1187L, 135095B 1,1 Top ``` 0.0.0.0 1514 tcp aes 10 60 yes
Some issues were detected for all OS: - Linux and macOS - Protocols and managers mismatch due to manager reordering. This makes that manager configured to use UDP instead of TCP (the first one) will use TCP instead in the final configuration. - Windows - Error during agent installation (Not present in 4.3.8)AmazonLinux :red_circle:
**Command**: `WAZUH_MANAGER=wazuh-manager,wazuh-manager2,4.4.4.4,1.2.1.3,dns-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING yum install ./wazuh-agent-4.4.0-0.commitd677dd2.x86_64.rpm` **Configuration**: `````` 1.2.1.3 444 udp 4.4.4.4 444 tcp dns-manager 444 tcp wazuh-manager 444 tcp wazuh-manager2 444 tcp amzn, amzn2 10 60 yes aes yes 1.2.1.3 TESTING etc/authd.pass Ubuntu :red_circle:
**Command**: `WAZUH_MANAGER=wazuh-manager,wazuh-manager2,4.4.4.4,1.2.1.3,dns-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING apt-get install ./wazuh-agent_4.4.0-0.commitd677dd2_amd64.deb` **Configuration**: `````` 1.2.1.3 444 udp 4.4.4.4 444 tcp dns-manager 444 tcp wazuh-manager 444 tcp wazuh-manager2 444 tcp ubuntu, ubuntu22, ubuntu22.04 10 60 yes aes yes 1.2.1.3 TESTING etc/authd.pass Windows :red_circle: :warning:
Windows installer fails. **Error not present in 4.3.8** **Command**: `.\wazuh-agent.msi /q WAZUH_MANAGER=wazuh-manager,wazuh-manager2,4.4.4.4,1.2.1.3,dns-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING /l*v installer.log` **installer.log**: [installer.zip](https://github.com/wazuh/wazuh-qa/files/9733495/installer.zip)macOS :red_circle:
**Command**: `WAZUH_MANAGER "wazuh-manager,wazuh-manager2,4.4.4.4,1.2.1.3,dns-manager" WAZUH_PROTOCOL "UDP" WAZUH_MANAGER_PORT "444" WAZUH_AGENT_NAME "TESTING" && installer -pkg wazuh-agent-4.4.0-0.commitd677dd2.pkg -target /` **Configuration**: `````` 1.2.1.3 444 udp 4.4.4.4 444 tcp dns-manager 444 tcp wazuh-manager 444 tcp wazuh-manager2 444 tcp darwin, darwin21, darwin21.1 10 60 yes aes yes 1.2.1.3 TESTING etc/authd.pass
Some issues were detected - Windows - Multiple protocol configuration blocks, resulting in the use of a not specified protocol. (Not present in 4.3.8)AmazonLinux :green_circle:
**Command**: `WAZUH_MANAGER=wazuh-manager WAZUH_PROTOCOL=UDP,TCP,TPC,UPC,UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING yum install ./wazuh-agent-4.4.0-0.commitd677dd2.x86_64.rpm` **Configuration**: `````` wazuh-manager 444 udp amzn, amzn2 10 60 yes aes yes wazuh-manager TESTING etc/authd.pass Ubuntu :green_circle:
**Command**: `WAZUH_MANAGER=wazuh-manager WAZUH_PROTOCOL=UDP,TCP,TPC,UPC,UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING apt-get install ./wazuh-agent_4.4.0-0.commitd677dd2_amd64.deb` **Configuration**: `````` wazuh-manager 444 udp ubuntu, ubuntu22, ubuntu22.04 10 60 yes aes yes wazuh-manager TESTING etc/authd.pass Windows :red_circle:
**Command**: `.\wazuh-agent.msi /q WAZUH_MANAGER=wazuh-manager WAZUH_PROTOCOL=UDP,TCP,TPC,UPC,UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING` **Configuration**: `````` wazuh-manager 444 udp tcp aes 10 60 yes yes TESTING macOS :green_circle:
**Command**: `setenv WAZUH_MANAGER "wazuh-manager" WAZUH_PROTOCOL "UDP,TCP,TPC,UPC,UDP" WAZUH_MANAGER_PORT "444" WAZUH_AGENT_NAME "TESTING" && installer -pkg wazuh-agent-4.4.0-0.commitd677dd2.pkg -target /` **Configuration**: `````` wazuh-manager 444 udp darwin, darwin21, darwin21.1 10 60 yes aes yes wazuh-manager TESTING etc/authd.pass
Some issues were detected - Windows - Multiple protocol configuration blocks, resulting in the use of a not specified protocol. (Not present in 4.3.8)AmazonLinux :green_circle:
**Command**: `WAZUH_MANAGER=wazuh-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING yum install ./wazuh-agent-4.4.0-0.commitd677dd2.x86_64.rpm` **Configuration**: `````` wazuh-manager 444 udp amzn, amzn2 10 60 yes aes yes wazuh-manager TESTING etc/authd.pass Ubuntu :green_circle:
**Command**: `WAZUH_MANAGER=wazuh-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING apt-get install ./wazuh-agent_4.4.0-0.commitd677dd2_amd64.deb` **Configuration**: `````` wazuh-manager 444 udp ubuntu, ubuntu22, ubuntu22.04 10 60 yes aes yes wazuh-manager TESTING etc/authd.pass Windows :red_circle:
**Command**: `.\wazuh-agent.msi /q WAZUH_MANAGER=wazuh-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING` **Configuration**: `````` wazuh-manager 444 udp tcp aes 10 60 yes yes TESTING macOS :green_circle:
**Command**: `launchctl setenv WAZUH_MANAGER "wazuh-manager" WAZUH_PROTOCOL "UDP" WAZUH_MANAGER_PORT "444" WAZUH_AGENT_NAME "TESTING" && installer -pkg wazuh-agent-4.4.0-0.commitd677dd2.pkg -target /` **Configuration**: `````` wazuh-manager 444 udp darwin, darwin21, darwin21.1 10 60 yes aes yes wazuh-manager TESTING etc/authd.pass
Comments: Some reasons have been found as to why we do not approve the PR. These are as follows:
WAZUH_MANAGER
do not follow the specified order, causing inconsistencies (cc @wazuh/cicd).Installation using the WAZUH_MANAGER
variable with multiple values causes blocks to be inserted in an unexpected order, causing the protocols and manager addresses to not match as expected. This occurs for Linux and macOS agents.
(2) WAZUH_PROTOCOL
values cause multiple <protocol>
blocks to be inserted in Windows agents, potentially causing unwanted behavior (cc @wazuh/cicd).
(3) If we specify more values for WAZUH_MANAGER
variable than > WAZUH_PROTOCOL
, then wazuh-agent installation fails for Windows (cc @wazuh/cicd).
(4) New Warning during agent installation in Ubuntu (cc @wazuh/cicd).
N: Download is performed unsandboxed as root as file '/home/ubuntu/wazuh-agent_4.4.0-0.commitd677dd2_amd64.deb' couldn't be accessed by user '_apt'. - pkgAcquire::Run (13: Permission denied)
(5) Windows Server 2022 default configuration does not include any config-profile
(cc @wazuh/cicd).
(6) Default manager IP mismatch for Linux and macOS agents (MANAGER_IP
) from Windows (0.0.0.0
) (cc @wazuh/cicd).
(7) Warning during Ubuntu agent uninstallation using apt-get remove wazuh-agent
(cc @wazuh/cicd):
dpkg: warning: while removing wazuh-agent, directory '/usr/lib/systemd/system' not empty so not removed
This will be discussed with the development team in order to request the new proposed changes.
After talking with the CICD team, it has been decided that (1), (2) and (3) (related to the network of the tested development) will be reviewed and fixed in this own development.
Regarding (4), (5), (6), (7) we will investigate if there are previously reported issues, and in case there are not they will be opened to be fixed in the future (it is not a stopper to approve the tested development).
AmazonLinux :red_circle:
Unexpected message during installation: `/var/ossec/packages_files/agent_installation_scripts/src/init/register_configure_agent.sh: line 339: [: too many arguments` **Command**: `WAZUH_MANAGER=3.3.3.3,2.2.2.2,1.1.1.1 WAZUH_PROTOCOL=UDP,UDP,TCP yum install wazuh-agent` - **Installation**: ``` [root@ip-172-31-5-251 qa]# WAZUH_MANAGER=3.3.3.3,2.2.2.2,1.1.1.1 WAZUH_PROTOCOL=UDP,UDP,TCP yum install wazuh-agent-4.4.0-0.commite0c0c34.x86_64.rpm Loaded plugins: extras_suggestions, langpacks, priorities, update-motd ... /var/ossec/packages_files/agent_installation_scripts/src/init/register_configure_agent.sh: line 339: [: too many arguments Verifying : wazuh-agent-4.4.0-0.commite0c0c34.x86_64 ``` **Configuration**: `````` 3.3.3.3 1514 udp 2.2.2.2 1514 udp 1.1.1.1 1514 tcp amzn, amzn2 10 60 yes aes yes 3.3.3.3 etc/authd.pass Ubuntu :red_circle:
Unexpected message during installation `/var/ossec/packages_files/agent_installation_scripts/src/init/register_configure_agent.sh: line 339: [: too many arguments` **Command**: `WAZUH_MANAGER=3.3.3.3,2.2.2.2,1.1.1.1 WAZUH_PROTOCOL=UDP,UDP,TCP apt-get install ./wazuh-agent_4.4.0-0.commite0c0c34_amd64.deb` **Install**: ``` root@ip-172-31-2-16:/home/qa# WAZUH_MANAGER=3.3.3.3,2.2.2.2,1.1.1.1 WAZUH_PROTOCOL=UDP,UDP,TCP apt-get install ./wazuh-agent_4.4.0-0.commite0c0c34_amd64.deb Reading package lists... Done Building dependency tree... Done Reading state information... Done Note, selecting 'wazuh-agent' instead of './wazuh-agent_4.4.0-0.commite0c0c34_amd64.deb' The following packages were automatically installed and are no longer required: libpython2-dev libpython2.7 libpython2.7-dev linux-image-5.13.0-1021-aws linux-modules-5.13.0-1021-aws python2-dev python2.7-dev Use 'sudo apt autoremove' to remove them. The following NEW packages will be installed: wazuh-agent 0 upgraded, 1 newly installed, 0 to remove and 0 not upgraded. Need to get 0 B/8,718 kB of archives. After this operation, 29.1 MB of additional disk space will be used. Get:1 /home/qa/wazuh-agent_4.4.0-0.commite0c0c34_amd64.deb wazuh-agent amd64 4.4.0-0.commite0c0c34 [8,718 kB] Preconfiguring packages ... Selecting previously unselected package wazuh-agent. (Reading database ... 120114 files and directories currently installed.) Preparing to unpack .../wazuh-agent_4.4.0-0.commite0c0c34_amd64.deb ... Unpacking wazuh-agent (4.4.0-0.commite0c0c34) ... Setting up wazuh-agent (4.4.0-0.commite0c0c34) ... /var/ossec/packages_files/agent_installation_scripts/src/init/register_configure_agent.sh: line 339: [: too many arguments Scanning processes... Scanning linux images... Running kernel seems to be up-to-date. No services need to be restarted. No containers need to be restarted. No user sessions are running outdated binaries. No VM guests are running outdated hypervisor (qemu) binaries on this host. N: Download is performed unsandboxed as root as file '/home/qa/wazuh-agent_4.4.0-0.commite0c0c34_amd64.deb' couldn't be accessed by user '_apt'. - pkgAcquire::Run (13: Permission denied) ``` **Configuration**: ```3.3.3.3 1514 udp 2.2.2.2 1514 udp 1.1.1.1 ```1514 tcp Windows :green_circle:
**Command**: `wazuh-agent.msi /q WAZUH_MANAGER=3.3.3.3,2.2.2.2,1.1.1.1 WAZUH_PROTOCOL=UDP,UDP,TCP` **Configuration**: ```3.3.3.3 1514 udp 2.2.2.2 1514 udp 1.1.1.1 ```1514 tcp macOS :green_circle:
**Command**: `launchctl setenv WAZUH_MANAGER "3.3.3.3,2.2.2.2,1.1.1.1" WAZUH_PROTOCOL "UDP,UDP,TCP" && installer -pkg wazuh-agent-4.4.0.pkg -target / ` **Configuration**: ```3.3.3.3 1514 udp 2.2.2.2 1514 udp 1.1.1.1 ```1514 tcp
AmazonLinux :green_circle:
**Command**: `WAZUH_MANAGER=wazuh-manager,wazuh-manager2,4.4.4.4,1.2.1.3,dns-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING yum install ./wazuh-agent-4.4.0-0.commitd677dd2.x86_64.rpm` **Configuration**: ```wazuh-manager 444 udp wazuh-manager2 444 tcp 4.4.4.4 444 tcp 1.2.1.3 444 tcp dns-manager ```444 tcp Ubuntu :green_circle:
**Command**: `WAZUH_MANAGER=wazuh-manager,wazuh-manager2,4.4.4.4,1.2.1.3,dns-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING apt-get install ./wazuh-agent_4.4.0-0.commitd677dd2_amd64.deb` **Configuration**: `````` wazuh-manager 444 udp wazuh-manager2 444 tcp 4.4.4.4 444 tcp 1.2.1.3 444 tcp dns-manager 444 tcp ubuntu, ubuntu22, ubuntu22.04 10 60 yes aes yes wazuh-manager TESTING etc/authd.pass Windows :red_circle: :warning:
Windows installer fails. **Error not present in 4.3.8** **Command**: `.\wazuh-agent.msi /q WAZUH_MANAGER=wazuh-manager,wazuh-manager2,4.4.4.4,1.2.1.3,dns-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING /l*v installer.log` **installer.log**: [installer.zip](https://github.com/wazuh/wazuh-qa/files/9799942/installer.zip)macOS :green_circle:
**Command**: `launchctl setenv WAZUH_MANAGER "wazuh-manager,wazuh-manager2,4.4.4.4,1.2.1.3,dns-manager" WAZUH_PROTOCOL "UDP" WAZUH_MANAGER_PORT "444" WAZUH_AGENT_NAME "TESTING" && installer -pkg wazuh-agent-4.4.0-0.commite0c0c34.pkg -target /` **Configuration**: `````` wazuh-manager 444 udp wazuh-manager2 444 tcp 4.4.4.4 444 tcp 1.2.1.3 444 tcp dns-manager 444 tcp darwin, darwin21, darwin21.1 10 60 yes aes yes wazuh-manager TESTING etc/authd.pass
AmazonLinux :red_circle:
**Command**: `WAZUH_MANAGER=wazuh-manager,wazuh-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING yum install ./wazuh-agent-4.4.0-0.commite0c0c34.x86_64.rpm` **Configuration**: `````` wazuh-manager 444 udp wazuh-manager 444 tcp amzn, amzn2 10 60 yes aes yes wazuh-manager TESTING etc/authd.pass Ubuntu :red_circle:
**Command**: `WAZUH_MANAGER=wazuh-manager,wazuh-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING apt-get install ./wazuh-agent_4.4.0-0.commite0c0c34_amd64.deb` **Configuration**: `````` wazuh-manager 444 udp wazuh-manager 444 tcp ubuntu, ubuntu22, ubuntu22.04 10 60 yes aes yes wazuh-manager TESTING etc/authd.pass Windows :red_circle:
**Command**: `.\wazuh-agent.msi /q WAZUH_MANAGER=wazuh-manager,wazuh-manager WAZUH_PROTOCOL=UDP,UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING /l*v installer.log` **Configuration**: `````` wazuh-manager 444 udp wazuh-manager 444 udp aes 10 60 yes yes TESTING macOS :red_circle:
**Command**: `launchctl setenv WAZUH_MANAGER "wazuh-manager,wazuh-manager" WAZUH_PROTOCOL "UDP" WAZUH_MANAGER_PORT "444" WAZUH_AGENT_NAME "TESTING" && installer -pkg wazuh-agent-4.4.0-0.commite0c0c34.pkg -target /` **Configuration**: ```wazuh-manager 444 udp wazuh-manager ```444 tcp
After meeting with @Rebits and @alberpilot we decided on the following https://github.com/wazuh/wazuh/issues/14532#issuecomment-1281151094
Note: Due to https://github.com/wazuh/wazuh-jenkins/issues/3115, macOS was not tested properly. It is suggested to consider detected bugs in this testing interaction while the deployment issue is mitigated. Build: https://ci.wazuh.info/job/Deployer/554/console
ossec.conf
. While in Linux agent enrollment
configuration block is always specified, in Windows agent if default values are not changed, no configuration is specified. :yellow_circle: AmazonLinux :green_circle:
**Command**: `WAZUH_MANAGER=3.3.3.3,2.2.2.2,1.1.1.1 WAZUH_PROTOCOL=UDP,UDP,TCP yum install wazuh-agent-4.4.0-0.commit8eb0a41.x86_64.rpm` **Configuration**: ```3.3.3.3 1514 udp 2.2.2.2 1514 udp 1.1.1.1 ```1514 tcp Ubuntu :green_circle:
**Command**: `WAZUH_MANAGER=3.3.3.3,2.2.2.2,1.1.1.1 WAZUH_PROTOCOL=UDP,UDP,TCP apt-get install ./wazuh-agent_4.4.0-0.commit8eb0a41_amd64.deb` **Configuration**: ```3.3.3.3 1514 udp 2.2.2.2 1514 udp 1.1.1.1 ```1514 tcp Windows :green_circle:
**Command**: `.\wazuh-agent.msi /q WAZUH_MANAGER=3.3.3.3,2.2.2.2,1.1.1.1 WAZUH_PROTOCOL=UDP,UDP,TCP` **Configuration**: `````` 3.3.3.3 1514 udp 2.2.2.2 1514 udp 1.1.1.1 1514 tcp aes 10 60 yes macOS :large_blue_circle:
**Command**: **Configuration**: ``` ```
AmazonLinux :green_circle:
**Command**: `WAZUH_MANAGER=wazuh-manager,wazuh-manager2,4.4.4.4,1.2.1.3,dns-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING yum install ./wazuh-agent-4.4.0.rpm` **Configuration**: ```wazuh-manager 444 udp wazuh-manager2 444 tcp 4.4.4.4 444 tcp 1.2.1.3 444 tcp dns-manager ```444 tcp Ubuntu :green_circle:
**Command**: `WAZUH_MANAGER=wazuh-manager,wazuh-manager2,4.4.4.4,1.2.1.3,dns-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING apt-get install ./wazuh-agent_4.4.0.deb` **Configuration**: ```wazuh-manager 444 udp wazuh-manager2 444 tcp 4.4.4.4 444 tcp 1.2.1.3 444 tcp dns-manager ```444 tcp Windows :green_circle:
**Command**: `\wazuh-agent.msi /q WAZUH_MANAGER=wazuh-manager,wazuh-manager2,4.4.4.4,1.2.1.3,dns-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING` **Configuration**: `````` wazuh-manager 444 udp wazuh-manager2 444 tcp 4.4.4.4 444 tcp 1.2.1.3 444 tcp dns-manager 444 tcp aes 10 60 yes yes TESTING macOS :large_blue_circle:
**Command**: **Configuration**: ``` ```
AmazonLinux :green_circle:
**Command**: `WAZUH_MANAGER=wazuh-manager,wazuh-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING yum install ./wazuh-agent-4.4.0-0.rpm` **Configuration**: ```wazuh-manager 444 udp wazuh-manager ```444 tcp Ubuntu :green_circle:
**Command**: `WAZUH_MANAGER=wazuh-manager,wazuh-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING apt-get install ./wazuh-agent_4.4.0-0..deb` **Configuration**: ```wazuh-manager 444 udp wazuh-manager ```444 tcp Windows :green_circle:
**Command**: `\wazuh-agent.msi /q WAZUH_MANAGER=wazuh-manager,wazuh-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING` **Configuration**: `````` wazuh-manager 444 udp wazuh-manager 444 tcp aes 10 60 yes yes TESTING macOS :large_blue_circle:
**Command**: **Configuration**: ``` ```
AmazonLinux :green_circle:
**Command**: - `WAZUH_MANAGER=wazuh-manager,wazuh-manager WAZUH_PROTOCOL=TCP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING yum install ./wazuh-agent-4.4.0-0.commit8eb0a41.x86_64.rpm` - `WAZUH_MANAGER=wazuh-manager,wazuh-manager WAZUH_PROTOCOL=tCP,tCp WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING yum install ./wazuh-agent-4.4.0-0.commit8eb0a41.x86_64.rpm` **Configuration**: ```wazuh-manager ```444 tcp Ubuntu :green_circle:
**Command**: - `WAZUH_MANAGER=wazuh-manager,wazuh-manager WAZUH_PROTOCOL=TCP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING apt-get install wazuh-agent` - `WAZUH_MANAGER=wazuh-manager,wazuh-manager WAZUH_PROTOCOL=tCP,tCp WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING apt-get install wazuh-agent` **Configuration**: ```wazuh-manager ```444 tcp Windows :red_circle:
**Command**: - `.\wazuh-agent.msi /q WAZUH_MANAGER=wazuh-manager,wazuh-manager WAZUH_PROTOCOL=TCP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING` - `.\wazuh-agent.msi /q WAZUH_MANAGER=wazuh-manager,wazuh-manager WAZUH_PROTOCOL=TCP,tCP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING` **Configuration**: `````` Expected : ``` wazuh-manager 444 tcp wazuh-manager 444 tcp aes 10 60 yes yes TESTING wazuh-manager ```444 tcp macOS :large_blue_circle:
**Command**: **Configuration**: ``` ```
AmazonLinux :green_circle:
**Command**: `WAZUH_MANAGER=1.1.1.1,wazuh-manager,3.3.3.3,testing-manager,dns-manager,MANAGER-4 WAZUH_MANAGER_PORT=7777 WAZUH_PROTOCOL=udp WAZUH_REGISTRATION_SERVER=2.2.2.2 WAZUH_REGISTRATION_PORT=8888 WAZUH_REGISTRATION_PASSWORD=password WAZUH_KEEP_ALIVE_INTERVAL=10 WAZUH_TIME_RECONNECT=10 WAZUH_REGISTRATION_CA=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_CERTIFICATE=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_KEY=/var/ossec/etc/testsslmanager.key WAZUH_AGENT_NAME=test-agent WAZUH_AGENT_GROUP=test-group ENROLLMENT_DELAY=10 yum install ./wazuh-agent-4.4.0-0.commit8eb0a41.x86_64` **Configuration**: `````` 1.1.1.1 7777 udp wazuh-manager 7777 tcp 3.3.3.3 7777 tcp testing-manager 7777 tcp dns-manager 7777 tcp MANAGER-4 7777 tcp amzn, amzn2 10 10 yes aes yes 2.2.2.2 8888 test-agent test-group /var/ossec/etc/testsslmanager.cert /var/ossec/etc/testsslmanager.cert /var/ossec/etc/testsslmanager.key etc/authd.pass 10 Ubuntu :green_circle:
**Command**: `WAZUH_MANAGER=1.1.1.1,wazuh-manager,3.3.3.3,testing-manager,dns-manager,MANAGER-4 WAZUH_MANAGER_PORT=7777 WAZUH_PROTOCOL=udp WAZUH_REGISTRATION_SERVER=2.2.2.2 WAZUH_REGISTRATION_PORT=8888 WAZUH_REGISTRATION_PASSWORD=password WAZUH_KEEP_ALIVE_INTERVAL=10 WAZUH_TIME_RECONNECT=10 WAZUH_REGISTRATION_CA=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_CERTIFICATE=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_KEY=/var/ossec/etc/testsslmanager.key WAZUH_AGENT_NAME=test-agent WAZUH_AGENT_GROUP=test-group ENROLLMENT_DELAY=10 apt-get install ./wazuh-agent_4.4.0-0.commit8eb0a41_amd64.deb ` **Configuration**: `````` 1.1.1.1 7777 udp wazuh-manager 7777 tcp 3.3.3.3 7777 tcp testing-manager 7777 tcp dns-manager 7777 tcp MANAGER-4 7777 tcp ubuntu, ubuntu22, ubuntu22.04 10 10 yes aes yes 2.2.2.2 8888 test-agent test-group /var/ossec/etc/testsslmanager.cert /var/ossec/etc/testsslmanager.cert /var/ossec/etc/testsslmanager.key etc/authd.pass 10 Windows :green_circle:
**Command**: `.\wazuh-agent.msi /q WAZUH_MANAGER=1.1.1.1,wazuh-manager,3.3.3.3,testing-manager,dns-manager,MANAGER-4 WAZUH_MANAGER_PORT=7777 WAZUH_PROTOCOL=udp WAZUH_REGISTRATION_SERVER=2.2.2.2 WAZUH_REGISTRATION_PORT=8888 WAZUH_REGISTRATION_PASSWORD=password WAZUH_KEEP_ALIVE_INTERVAL=10 WAZUH_TIME_RECONNECT=10 WAZUH_REGISTRATION_CA=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_CERTIFICATE=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_KEY=/var/ossec/etc/testsslmanager.key WAZUH_AGENT_NAME=test-agent WAZUH_AGENT_GROUP=test-group ENROLLMENT_DELAY=10` **Configuration**: `````` 1.1.1.1 7777 udp wazuh-manager 7777 tcp 3.3.3.3 7777 tcp testing-manager 7777 tcp dns-manager 7777 tcp MANAGER-4 7777 tcp aes 10 10 yes yes 2.2.2.2 8888 authd.pass /var/ossec/etc/testsslmanager.cert /var/ossec/etc/testsslmanager.cert /var/ossec/etc/testsslmanager.key test-agent test-group 10 macOS :large_blue_circle:
**Command**: **Configuration**: ``` ```
AmazonLinux :green_circle:
**Command**: `WAZUH_MANAGER=1.1.1.1,wazuh-manager,3.3.3.3,testing-manager,dns-manager,MANAGER-4 WAZUH_MANAGER_PORT=7777 WAZUH_PROTOCOL=udp,tcp,udp,tcp,udp,tcp,udp,tcp WAZUH_REGISTRATION_SERVER=2.2.2.2 WAZUH_REGISTRATION_PORT=8888 WAZUH_REGISTRATION_PASSWORD=password WAZUH_KEEP_ALIVE_INTERVAL=10 WAZUH_TIME_RECONNECT=10 WAZUH_REGISTRATION_CA=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_CERTIFICATE=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_KEY=/var/ossec/etc/testsslmanager.key WAZUH_AGENT_NAME=test-agent WAZUH_AGENT_GROUP=test-group ENROLLMENT_DELAY=10 yum install ./wazuh-agent-4.4.0-0.commit8eb0a41.x86_64.rpm` **Configuration**: `````` 1.1.1.1 7777 udp wazuh-manager 7777 tcp 3.3.3.3 7777 udp testing-manager 7777 tcp dns-manager 7777 udp MANAGER-4 7777 tcp amzn, amzn2 10 10 yes aes yes 2.2.2.2 8888 test-agent test-group /var/ossec/etc/testsslmanager.cert /var/ossec/etc/testsslmanager.cert /var/ossec/etc/testsslmanager.key etc/authd.pass 10 Ubuntu :green_circle:
**Command**: `WAZUH_MANAGER=1.1.1.1,wazuh-manager,3.3.3.3,testing-manager,dns-manager,MANAGER-4 WAZUH_MANAGER_PORT=7777 WAZUH_PROTOCOL=udp,tcp,udp,tcp,udp,tcp,udp,tcp WAZUH_REGISTRATION_SERVER=2.2.2.2 WAZUH_REGISTRATION_PORT=8888 WAZUH_REGISTRATION_PASSWORD=password WAZUH_KEEP_ALIVE_INTERVAL=10 WAZUH_TIME_RECONNECT=10 WAZUH_REGISTRATION_CA=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_CERTIFICATE=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_KEY=/var/ossec/etc/testsslmanager.key WAZUH_AGENT_NAME=test-agent WAZUH_AGENT_GROUP=test-group ENROLLMENT_DELAY=10 apt-get install ./wazuh-agent_4.4.0-0.commit8eb0a41_amd64.deb ` **Configuration**: `````` 1.1.1.1 7777 udp wazuh-manager 7777 tcp 3.3.3.3 7777 udp testing-manager 7777 tcp dns-manager 7777 udp MANAGER-4 7777 tcp ubuntu, ubuntu22, ubuntu22.04 10 10 yes aes yes 2.2.2.2 8888 test-agent test-group /var/ossec/etc/testsslmanager.cert /var/ossec/etc/testsslmanager.cert /var/ossec/etc/testsslmanager.key etc/authd.pass 10 Windows :green_circle:
**Command**: `\wazuh-agent.msi /q WAZUH_MANAGER=1.1.1.1,wazuh-manager,3.3.3.3,testing-manager,dns-manager,MANAGER-4 WAZUH_MANAGER_PORT=7777 WAZUH_PROTOCOL=udp,tcp,udp,tcp,udp,tcp,udp,tcp WAZUH_REGISTRATION_SERVER=2.2.2.2 WAZUH_REGISTRATION_PORT=8888 WAZUH_REGISTRATION_PASSWORD=password WAZUH_KEEP_ALIVE_INTERVAL=10 WAZUH_TIME_RECONNECT=10 WAZUH_REGISTRATION_CA=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_CERTIFICATE=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_KEY=/var/ossec/etc/testsslmanager.key WAZUH_AGENT_NAME=test-agent WAZUH_AGENT_GROUP=test-group ENROLLMENT_DELAY=10 ` **Configuration**: `````` 1.1.1.1 7777 udp wazuh-manager 7777 tcp 3.3.3.3 7777 udp testing-manager 7777 tcp dns-manager 7777 udp MANAGER-4 7777 tcp aes 10 10 yes yes 2.2.2.2 8888 authd.pass /var/ossec/etc/testsslmanager.cert /var/ossec/etc/testsslmanager.cert /var/ossec/etc/testsslmanager.key test-agent test-group 10 macOS :large_blue_circle:
**Command**: **Configuration**: ``` ```
AmazonLinux :green_circle:
**Command**: `WAZUH_MANAGER="1,2,3,4,5,6,7,8,9,1,2,3,4,5,6,7,8,9,,,,,,,,,,,1,12" yum install ./wazuh-agent-4.4.0-0.commit8eb0a41.x86_64.rpm` **Configuration**: `````` 1 1514 tcp 12 1514 tcp 2 1514 tcp 3 1514 tcp 4 1514 tcp 5 1514 tcp 6 1514 tcp 7 1514 tcp 8 1514 tcp 9 1514 tcp amzn, amzn2 10 60 yes aes yes 1 etc/authd.pass Ubuntu :green_circle:
**Command**: `WAZUH_MANAGER="1,2,3,4,5,6,7,8,9,1,2,3,4,5,6,7,8,9,,,,,,,,,,,1,12" apt-get install ./wazuh-agent_4.4.0-0.commit8eb0a41_amd64.deb` **Configuration**: `````` 1 1514 tcp 12 1514 tcp 2 1514 tcp 3 1514 tcp 4 1514 tcp 5 1514 tcp 6 1514 tcp 7 1514 tcp 8 1514 tcp 9 1514 tcp ubuntu, ubuntu22, ubuntu22.04 10 60 yes aes yes 1 etc/authd.pass Windows :red_circle:
Invalid configuration. Windows agent instalation does not skip empty addressess **Command**: `.\wazuh-agent.msi /q WAZUH_MANAGER="1,2,3,4,5,6,7,8,9,1,2,3,4,5,6,7,8,9,,,,,,,,,,,1,12"` **Configuration**: `````` 1 1514 tcp 2 1514 tcp 3 1514 tcp 4 1514 tcp 5 1514 tcp 6 1514 tcp 7 1514 tcp 8 1514 tcp 9 1514 tcp 1514 tcp 12 1514 tcp aes 10 60 yes macOS :large_blue_circle:
**Command**: **Configuration**: ``` ```
AmazonLinux :green_circle:
**Command**: WAZUH_MANAGER=wazuh-manager,wazuh-manager2,4.4.4.4,1.2.1.3,dns-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING yum install ./wazuh-agent-4.4.0-0.commitd677dd2.x86_64.rpm` **Configuration**: `````` wazuh-manager 444 udp wazuh-manager2 444 tcp 4.4.4.4 444 tcp 1.2.1.3 444 tcp dns-manager 444 tcp amzn, amzn2 10 60 yes aes yes wazuh-manager TESTING etc/authd.pass Ubuntu :green_circle:
**Command**: `WAZUH_MANAGER=wazuh-manager,wazuh-manager2,4.4.4.4,1.2.1.3,dns-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING apt-get install ./wazuh-agent_4.4.0-0.commit8eb0a41_amd64.deb ` **Configuration**: `````` wazuh-manager 444 udp wazuh-manager2 444 tcp 4.4.4.4 444 tcp 1.2.1.3 444 tcp dns-manager 444 tcp ubuntu, ubuntu22, ubuntu22.04 10 60 yes aes yes wazuh-manager TESTING etc/authd.pass Windows :green_circle:
**Command**: `.\wazuh-agent.msi /q WAZUH_MANAGER=wazuh-manager,wazuh-manager2,4.4.4.4,1.2.1.3,dns-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING` **Configuration**: `````` wazuh-manager 444 udp wazuh-manager2 444 tcp 4.4.4.4 444 tcp 1.2.1.3 444 tcp dns-manager 444 tcp aes 10 60 yes yes TESTING macOS :large_blue_circle:
**Command**: **Configuration**: ``` ```
AmazonLinux :green_circle:
**Command**: `WAZUH_MANAGER=wazuh-manager WAZUH_PROTOCOL=UDP,TCP,TPC,UPC,UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING yum install ./wazuh-agent-4.4.0-0.commit8eb0a41.x86_64.rpm` **Configuration**: `````` wazuh-manager 444 udp amzn, amzn2 10 60 yes aes yes wazuh-manager TESTING etc/authd.pass Ubuntu :green_circle:
**Command**: `WAZUH_MANAGER=wazuh-manager WAZUH_PROTOCOL=UDP,TCP,TPC,UPC,UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING apt-get install ./wazuh-agent_4.4.0-0.commit8eb0a41_amd64.deb` **Configuration**: `````` wazuh-manager 444 udp ubuntu, ubuntu22, ubuntu22.04 10 60 yes aes yes wazuh-manager TESTING etc/authd.pass Windows :green_circle:
**Command**: `.\wazuh-agent.msi /q WAZUH_MANAGER=wazuh-manager WAZUH_PROTOCOL=UDP,TCP,TPC,UPC,UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING` **Configuration**: `````` wazuh-manager 444 udp aes 10 60 yes yes TESTING macOS :large_blue_circle:
**Command**: **Configuration**: ``` ```
AmazonLinux :green_circle:
**Command**: WAZUH_MANAGER=wazuh-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING yum install ./wazuh-agent-4.4.0-0.commitd677dd2.x86_64.rpm` **Configuration**: `````` wazuh-manager 444 udp amzn, amzn2 10 60 yes aes yes wazuh-manager TESTING etc/authd.pass Ubuntu :green_circle:
**Command**: `WAZUH_MANAGER=wazuh-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING apt-get install ./wazuh-agent_4.4.0-0.commit8eb0a41_amd64.deb` **Configuration**: `````` wazuh-manager 444 udp ubuntu, ubuntu22, ubuntu22.04 10 60 yes aes yes wazuh-manager TESTING etc/authd.pass Windows :green_circle:
**Command**: ` .\wazuh-agent.msi /q WAZUH_MANAGER=wazuh-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING` **Configuration**: `````` wazuh-manager 444 udp aes 10 60 yes yes TESTING macOS :large_blue_circle:
**Command**: **Configuration**: ``` ```
AmazonLinux :green_circle:
**Command**: `WAZUH_MANAGER=3.3.3.3,2.2.2.2,1.1.1.1 WAZUH_PROTOCOL=UDP,UDP,TCP yum install wazuh-agent-4.4.0.rpm` **Configuration**: `````` 3.3.3.3 1514 udp 2.2.2.2 1514 udp 1.1.1.1 1514 tcp amzn, amzn2 10 60 yes aes yes 3.3.3.3 etc/authd.pass Ubuntu :green_circle:
**Command**: `WAZUH_MANAGER=3.3.3.3,2.2.2.2,1.1.1.1 WAZUH_PROTOCOL=UDP,UDP,TCP apt-get install ./wazuh-agent_4.4.0.deb` **Configuration**: `````` 3.3.3.3 1514 udp 2.2.2.2 1514 udp 1.1.1.1 1514 tcp ubuntu, ubuntu22, ubuntu22.04 10 60 yes aes yes 3.3.3.3 etc/authd.pass Windows :green_circle:
**Command**: ``.\wazuh-agent.msi /q WAZUH_MANAGER=3.3.3.3,2.2.2.2,1.1.1.1 WAZUH_PROTOCOL=UDP,UDP,TCP`` **Configuration**: `````` 3.3.3.3 1514 udp 2.2.2.2 1514 udp 1.1.1.1 1514 tcp aes 10 60 yes macOS :green_circle:
**Command**: `launchctl setenv WAZUH_MANAGER "3.3.3.3,2.2.2.2,1.1.1.1" WAZUH_PROTOCOL "UDP,UDP,TCP" && installer -pkg wazuh-agent-4.4.0.pkg -target / ` **Configuration**: `````` 3.3.3.3 1514 udp 2.2.2.2 1514 udp 1.1.1.1 1514 tcp darwin, darwin21, darwin21.1 10 60 yes aes yes 3.3.3.3 etc/authd.pass
AmazonLinux :green_circle:
**Command**: `WAZUH_MANAGER=wazuh-manager,wazuh-manager2,4.4.4.4,1.2.1.3,dns-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING yum install ./wazuh-agent-4.4.0.rpm` **Configuration**: `````` wazuh-manager 444 udp wazuh-manager2 444 tcp 4.4.4.4 444 tcp 1.2.1.3 444 tcp dns-manager 444 tcp amzn, amzn2 10 60 yes aes yes wazuh-manager TESTING etc/authd.pass Ubuntu :green_circle:
**Command**: ``WAZUH_MANAGER=wazuh-manager,wazuh-manager2,4.4.4.4,1.2.1.3,dns-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING apt-get install ./wazuh-agent_4.4.0.deb` **Configuration**: `````` wazuh-manager 444 udp wazuh-manager2 444 tcp 4.4.4.4 444 tcp 1.2.1.3 444 tcp dns-manager 444 tcp ubuntu, ubuntu22, ubuntu22.04 10 60 yes aes yes wazuh-manager TESTING etc/authd.pass Windows :red_circle:
**Command**: ` .\wazuh-agent.msi /q WAZUH_MANAGER=wazuh-manager,wazuh-manager2,4.4.4.4,1.2.1.3,dns-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING` **Configuration**: `````` wazuh-manager 444 udp wazuh-manager2 444 tcp 4.4.4.4 444 tcp 1.2.1.3 444 tcp dns-manager 444 tcp aes 10 60 yes yes TESTING macOS :green_circle:
**Command**: **Configuration**: ``` ```
AmazonLinux :green_circle:
**Command**: ``WAZUH_MANAGER=wazuh-manager,wazuh-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING yum install ./wazuh-agent-4.4.0-0.rpm`` **Configuration**: `````` wazuh-manager 444 udp wazuh-manager 444 tcp amzn, amzn2 10 60 yes aes yes wazuh-manager TESTING etc/authd.pass Ubuntu :green_circle:
**Command**: `WAZUH_MANAGER=wazuh-manager,wazuh-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING apt-get install ./wazuh-agent_4.4.0.deb` **Configuration**: `````` wazuh-manager 444 udp wazuh-manager 444 tcp ubuntu, ubuntu22, ubuntu22.04 10 60 yes aes yes wazuh-manager TESTING etc/authd.pass Windows :red_circle:
**Command**: `.\wazuh-agent.msi /q WAZUH_MANAGER=wazuh-manager,wazuh-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING` **Configuration**: `````` wazuh-manager 444 udp wazuh-manager 444 tcp aes 10 60 yes yes TESTING macOS :large_blue_circle:
**Command**: **Configuration**: ``` ```
AmazonLinux :red_circle:
Managers are disordered in the case of using the same protocol: **Command**: `WAZUH_MANAGER=wazuh-manager,testing WAZUH_PROTOCOL=TCP,tCP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING yum install ./wazuh-agent-4.4.0.rpm` **Configuration**: ```testing 444 tcp wazuh-manager ```444 tcp
After talking with @DFolchA we have proposed removing duplicated managers for the same protocols using the following logic
ADDRESSES=( $(echo "${ADDRESSES[@]}" | tr ' ' '\n' | cat -n | sort -uk2 | sort -n | cut -f2- | tr '\n' ' ') )
AmazonLinux :green_circle:
**Command**: WAZUH_MANAGER=3.3.3.3,2.2.2.2,1.1.1.1 WAZUH_PROTOCOL=UDP,UDP,TCP yum install wazuh-agent-4.4.0.rpm` **Configuration**: `````` 3.3.3.3 1514 udp 2.2.2.2 1514 udp 1.1.1.1 1514 tcp amzn, amzn2 10 60 yes aes yes 3.3.3.3 etc/authd.pass Ubuntu :green_circle:
**Command**: ``WAZUH_MANAGER=3.3.3.3,2.2.2.2,1.1.1.1 WAZUH_PROTOCOL=UDP,UDP,TCP apt-get install ./wazuh-agent_4.4.0.deb`` **Configuration**: `````` 3.3.3.3 1514 udp 2.2.2.2 1514 udp 1.1.1.1 1514 tcp ubuntu, ubuntu22, ubuntu22.04 10 60 yes aes yes 3.3.3.3 etc/authd.pass Windows :green_circle:
**Command**: `.\wazuh-agent.msi /q WAZUH_MANAGER=3.3.3.3,2.2.2.2,1.1.1.1 WAZUH_PROTOCOL=UDP,UDP,TCP` **Configuration**: `````` 3.3.3.3 1514 udp 2.2.2.2 1514 udp 1.1.1.1 1514 tcp aes 10 60 yes macOS :green_circle:
**Command**: `launchctl setenv WAZUH_MANAGER "3.3.3.3,2.2.2.2,1.1.1.1" WAZUH_PROTOCOL "udp,udp,tcp" && installer -pkg wazuh-agent-4.4.0.pkg -target / -verbose` **Configuration**: `````` 3.3.3.3 1514 udp 2.2.2.2 1514 udp 1.1.1.1 1514 tcp darwin, darwin21, darwin21.1 10 60 yes aes yes 3.3.3.3 etc/authd.pass
AmazonLinux :green_circle:
**Command**: `WAZUH_MANAGER=wazuh-manager,wazuh-manager2,4.4.4.4,1.2.1.3,dns-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING yum install ./wazuh-agent-4.4.0.rpm` **Configuration**: `````` wazuh-manager 444 udp wazuh-manager2 444 tcp 4.4.4.4 444 tcp 1.2.1.3 444 tcp dns-manager 444 tcp amzn, amzn2 10 60 yes aes yes wazuh-manager TESTING etc/authd.pass Ubuntu :green_circle:
**Command**: `WAZUH_MANAGER=wazuh-manager,wazuh-manager2,4.4.4.4,1.2.1.3,dns-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING apt-get install ./wazuh-agent_4.4.0.deb` **Configuration**: `````` wazuh-manager 444 udp wazuh-manager2 444 tcp 4.4.4.4 444 tcp 1.2.1.3 444 tcp dns-manager 444 tcp ubuntu, ubuntu22, ubuntu22.04 10 60 yes aes yes wazuh-manager TESTING etc/authd.pass Windows :green_circle:
**Command**: `.\wazuh-agent.msi /q WAZUH_MANAGER=wazuh-manager,wazuh-manager2,4.4.4.4,1.2.1.3,dns-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTIN` **Configuration**: `````` wazuh-manager 444 udp wazuh-manager2 444 tcp 4.4.4.4 444 tcp 1.2.1.3 444 tcp dns-manager 444 tcp aes 10 60 yes yes TESTIN macOS :green_circle:
**Command**: `launchctl setenv WAZUH_MANAGER "wazuh-manager,wazuh-manager2,4.4.4.4,1.2.1.3,dns-manager" WAZUH_PROTOCOL "udp" WAZUH_AGENT_NAME "TESTING" && installer -pkg wazuh-agent-4.4.0.pkg -target / -verbose` **Configuration**: `````` wazuh-manager 1514 udp wazuh-manager2 1514 tcp 4.4.4.4 1514 tcp 1.2.1.3 1514 tcp dns-manager 1514 tcp darwin, darwin21, darwin21.1 10 60 yes aes yes wazuh-manager TESTING etc/authd.pass
AmazonLinux :green_circle:
**Command**: `WAZUH_MANAGER=wazuh-manager,wazuh-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING yum install ./wazuh-agent-4.4.0-0.rpm` **Configuration**: `````` wazuh-manager 444 udp wazuh-manager 444 tcp amzn, amzn2 10 60 yes aes yes wazuh-manager TESTING etc/authd.pass Ubuntu :green_circle:
**Command**: `WAZUH_MANAGER=wazuh-manager,wazuh-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING apt-get install ./wazuh-agent_4.4.0.deb` **Configuration**: `````` wazuh-manager 444 udp wazuh-manager 444 tcp ubuntu, ubuntu22, ubuntu22.04 10 60 yes aes yes wazuh-manager TESTING etc/authd.pass Windows :green_circle:
**Command**: ` .\wazuh-agent.msi /q WAZUH_MANAGER=wazuh-manager,wazuh-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING` **Configuration**: `````` wazuh-manager 444 udp wazuh-manager 444 tcp aes 10 60 yes yes TESTING macOS :green_circle:
macOS :large_blue_circle:
**Command**: `launchctl setenv WAZUH_MANAGER "wazuh-manager,wazuh-manager" WAZUH_PROTOCOL "udp" WAZUH_AGENT_NAME "test-agent" WAZUH_AGENT_GROUP "test-group" && installer -pkg wazuh-agent-4.4.0-0.pkg -target /;` **Configuration**: `````` wazuh-manager 1514 udp wazuh-manager 1514 tcp darwin, darwin21, darwin21.1 10 60 yes aes yes wazuh-manager test-agent test-group etc/authd.pass
AmazonLinux :green_circle:
**Command**: `WAZUH_MANAGER=wazuh-manager,wazuh-manager WAZUH_PROTOCOL=TCP,tCP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING yum install ./wazuh-agent-4.4.0.rpm` **Configuration**: `````` wazuh-manager 444 tcp amzn, amzn2 10 60 yes aes yes wazuh-manager TESTING etc/authd.pass Ubuntu :green_circle:
**Command**: `WAZUH_MANAGER=wazuh-manager,wazuh-manager WAZUH_PROTOCOL=TCP,tCP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING apt-get install ./wazuh-agent_4.4.0.deb` **Configuration**: `````` wazuh-manager 444 tcp ubuntu, ubuntu22, ubuntu22.04 10 60 yes aes yes wazuh-manager TESTING etc/authd.pass Windows :green_circle:
**Command**: `.\wazuh-agent.msi /q WAZUH_MANAGER=wazuh-manager,wazuh-manager WAZUH_PROTOCOL=tcp,TCP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING` **Configuration**: `````` wazuh-manager 444 tcp aes 10 60 yes yes TESTING macOS :green_circle:
**Command**: `launchctl setenv WAZUH_MANAGER "wazuh-manager,wazuh-manager" WAZUH_PROTOCOL "TCP,tcp" WAZUH_MANAGER_PORT "444" WAZUH_AGENT_NAME "TESTING" && installer -pkg wazuh-agent-4.4.0.pkg -target /` **Configuration**: `````` wazuh-manager 444 tcp darwin, darwin21, darwin21.1 10 60 yes aes yes wazuh-manager TESTING etc/authd.pass
AmazonLinux :green_circle:
**Command**: `WAZUH_MANAGER=1.1.1.1,wazuh-manager,3.3.3.3,testing-manager,dns-manager,MANAGER-4 WAZUH_MANAGER_PORT=7777 WAZUH_PROTOCOL=udp WAZUH_REGISTRATION_SERVER=2.2.2.2 WAZUH_REGISTRATION_PORT=8888 WAZUH_REGISTRATION_PASSWORD=password WAZUH_KEEP_ALIVE_INTERVAL=10 WAZUH_TIME_RECONNECT=10 WAZUH_REGISTRATION_CA=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_CERTIFICATE=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_KEY=/var/ossec/etc/testsslmanager.key WAZUH_AGENT_NAME=test-agent WAZUH_AGENT_GROUP=test-group ENROLLMENT_DELAY=10 yum install ./wazuh-agent-4.4.0-0.commit8eb0a41.x86_64` **Configuration**: `````` 1.1.1.1 7777 udp wazuh-manager 7777 tcp 3.3.3.3 7777 tcp testing-manager 7777 tcp dns-manager 7777 tcp MANAGER-4 7777 tcp amzn, amzn2 10 10 yes aes yes 2.2.2.2 8888 test-agent test-group /var/ossec/etc/testsslmanager.cert /var/ossec/etc/testsslmanager.cert /var/ossec/etc/testsslmanager.key etc/authd.pass 10 Ubuntu :green_circle:
**Command**: `WAZUH_MANAGER=1.1.1.1,wazuh-manager,3.3.3.3,testing-manager,dns-manager,MANAGER-4 WAZUH_MANAGER_PORT=7777 WAZUH_PROTOCOL=udp WAZUH_REGISTRATION_SERVER=2.2.2.2 WAZUH_REGISTRATION_PORT=8888 WAZUH_REGISTRATION_PASSWORD=password WAZUH_KEEP_ALIVE_INTERVAL=10 WAZUH_TIME_RECONNECT=10 WAZUH_REGISTRATION_CA=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_CERTIFICATE=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_KEY=/var/ossec/etc/testsslmanager.key WAZUH_AGENT_NAME=test-agent WAZUH_AGENT_GROUP=test-group ENROLLMENT_DELAY=10 apt-get install ./wazuh-agent_4.4.0-0.commit8eb0a41_amd64.deb` **Configuration**: `````` 1.1.1.1 7777 udp wazuh-manager 7777 tcp 3.3.3.3 7777 tcp testing-manager 7777 tcp dns-manager 7777 tcp MANAGER-4 7777 tcp ubuntu, ubuntu22, ubuntu22.04 10 10 yes aes yes 2.2.2.2 8888 test-agent test-group /var/ossec/etc/testsslmanager.cert /var/ossec/etc/testsslmanager.cert /var/ossec/etc/testsslmanager.key etc/authd.pass 10 Windows :green_circle:
**Command**: `.\wazuh-agent.msi /q WAZUH_MANAGER=1.1.1.1,wazuh-manager,3.3.3.3,testing-manager,dns-manager,MANAGER-4 WAZUH_MANAGER_PORT=7777 WAZUH_REGISTRATION_SERVER=2.2.2.2 WAZUH_REGISTRATION_PORT=8888 WAZUH_REGISTRATION_PASSWORD=password WAZUH_KEEP_ALIVE_INTERVAL=10 WAZUH_TIME_RECONNECT=10 WAZUH_REGISTRATION_CA=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_CERTIFICATE=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_KEY=/var/ossec/etc/testsslmanager.key WAZUH_AGENT_NAME=test-agent` **Configuration**: `````` 1.1.1.1 7777 tcp wazuh-manager 7777 tcp 3.3.3.3 7777 tcp testing-manager 7777 tcp dns-manager 7777 tcp MANAGER-4 7777 tcp aes 10 10 yes yes 2.2.2.2 8888 authd.pass /var/ossec/etc/testsslmanager.cert /var/ossec/etc/testsslmanager.cert /var/ossec/etc/testsslmanager.key test-agent macOS :green_circle:
**Command**: `setenv WAZUH_MANAGER "1.1.1.1,wazuh-manager,3.3.3.3,testing-manager,dns-manager,MANAGER-4" WAZUH_MANAGER_PORT "7777" WAZUH_PROTOCOL "udp" WAZUH_REGISTRATION_SERVER "2.2.2.2" WAZUH_REGISTRATION_PORT "8888" WAZUH_REGISTRATION_PASSWORD "password" WAZUH_KEEP_ALIVE_INTERVAL "10" WAZUH_TIME_RECONNECT "10" WAZUH_REGISTRATION_CA "/var/ossec/etc/testsslmanager.cert" WAZUH_REGISTRATION_CERTIFICATE "/var/ossec/etc/testsslmanager.cert" WAZUH_REGISTRATION_KEY "/var/ossec/etc/testsslmanager.key" WAZUH_AGENT_NAME "test-agent" WAZUH_AGENT_GROUP "test-group" ENROLLMENT_DELAY "10" && installer -pkg wazuh-agent-4.4.0-0.commitd677dd2.pkg -target /;` **Configuration**: `````` ``` 1.1.1.1 7777 udp 3.3.3.3 7777 tcp MANAGER-4 7777 tcp dns-manager 7777 tcp testing-manager 7777 tcp wazuh-manager 7777 tcp darwin, darwin21, darwin21.1 10 10 yes aes yes 2.2.2.2 8888 test-agent test-group /var/ossec/etc/testsslmanager.cert /var/ossec/etc/testsslmanager.cert /var/ossec/etc/testsslmanager.key etc/authd.pass 10
AmazonLinux :green_circle:
**Command**: `WAZUH_MANAGER=1.1.1.1,wazuh-manager,3.3.3.3,testing-manager,dns-manager,MANAGER-4 WAZUH_MANAGER_PORT=7777 WAZUH_PROTOCOL=udp,tcp,udp,tcp,udp,tcp,udp,tcp WAZUH_REGISTRATION_SERVER=2.2.2.2 WAZUH_REGISTRATION_PORT=8888 WAZUH_REGISTRATION_PASSWORD=password WAZUH_KEEP_ALIVE_INTERVAL=10 WAZUH_TIME_RECONNECT=10 WAZUH_REGISTRATION_CA=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_CERTIFICATE=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_KEY=/var/ossec/etc/testsslmanager.key WAZUH_AGENT_NAME=test-agent WAZUH_AGENT_GROUP=test-group ENROLLMENT_DELAY=10 yum install ./wazuh-agent-4.4.0-0.commit8eb0a41.x86_64.rpm` **Configuration**: `````` 1.1.1.1 7777 udp wazuh-manager 7777 tcp 3.3.3.3 7777 udp testing-manager 7777 tcp dns-manager 7777 udp MANAGER-4 7777 tcp amzn, amzn2 10 10 yes aes yes 2.2.2.2 8888 test-agent test-group /var/ossec/etc/testsslmanager.cert /var/ossec/etc/testsslmanager.cert /var/ossec/etc/testsslmanager.key etc/authd.pass 10 Ubuntu :green_circle:
**Command**: `WAZUH_MANAGER=1.1.1.1,wazuh-manager,3.3.3.3,testing-manager,dns-manager,MANAGER-4 WAZUH_MANAGER_PORT=7777 WAZUH_PROTOCOL=udp,tcp,udp,tcp,udp,tcp,udp,tcp WAZUH_REGISTRATION_SERVER=2.2.2.2 WAZUH_REGISTRATION_PORT=8888 WAZUH_REGISTRATION_PASSWORD=password WAZUH_KEEP_ALIVE_INTERVAL=10 WAZUH_TIME_RECONNECT=10 WAZUH_REGISTRATION_CA=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_CERTIFICATE=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_KEY=/var/ossec/etc/testsslmanager.key WAZUH_AGENT_NAME=test-agent WAZUH_AGENT_GROUP=test-group ENROLLMENT_DELAY=10 apt-get install ./wazuh-agent_4.4.0-0.commit8eb0a41_amd64.deb` **Configuration**: `````` 1.1.1.1 7777 udp wazuh-manager 7777 tcp 3.3.3.3 7777 udp testing-manager 7777 tcp dns-manager 7777 udp MANAGER-4 7777 tcp ubuntu, ubuntu22, ubuntu22.04 10 10 yes aes yes 2.2.2.2 8888 test-agent test-group /var/ossec/etc/testsslmanager.cert /var/ossec/etc/testsslmanager.cert /var/ossec/etc/testsslmanager.key etc/authd.pass 10 Windows :green_circle:
**Command**: `.\wazuh-agent.msi /q WAZUH_MANAGER=1.1.1.1,wazuh-manager,3.3.3.3,testing-manager,dns-manager,MANAGER-4 WAZUH_MANAGER_PORT=7777 WAZUH_PROTOCOL=udp,tcp,udp,tcp,udp,tcp,udp,tcp WAZUH_REGISTRATION_SERVER=2.2.2.2 WAZUH_REGISTRATION_PORT=8888 WAZUH_REGISTRATION_PASSWORD=password WAZUH_KEEP_ALIVE_INTERVAL=10 WAZUH_TIME_RECONNECT=10 WAZUH_REGISTRATION_CA=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_CERTIFICATE=/var/ossec/etc/testsslmanager.cert WAZUH_REGISTRATION_KEY=/var/ossec/etc/testsslmanager.key WAZUH_AGENT_NAME=test-agent` **Configuration**: `````` 1.1.1.1 7777 udp wazuh-manager 7777 tcp 3.3.3.3 7777 udp testing-manager 7777 tcp dns-manager 7777 udp MANAGER-4 7777 tcp aes 10 10 yes yes 2.2.2.2 8888 authd.pass /var/ossec/etc/testsslmanager.cert /var/ossec/etc/testsslmanager.cert /var/ossec/etc/testsslmanager.key test-agent macOS :green_circle:
**Command**: `setenv WAZUH_MANAGER "1.1.1.1,wazuh-manager,3.3.3.3,testing-manager,dns-manager,MANAGER-4" WAZUH_MANAGER_PORT "7777" WAZUH_PROTOCOL "udp,tcp,udp,tcp,udp,tcp,udp,tcp" WAZUH_REGISTRATION_SERVER "2.2.2.2" WAZUH_REGISTRATION_PORT "8888" WAZUH_REGISTRATION_PASSWORD "password" WAZUH_KEEP_ALIVE_INTERVAL "10" WAZUH_TIME_RECONNECT "10" WAZUH_REGISTRATION_CA "/var/ossec/etc/testsslmanager.cert" WAZUH_REGISTRATION_CERTIFICATE "/var/ossec/etc/testsslmanager.cert" WAZUH_REGISTRATION_KEY "/var/ossec/etc/testsslmanager.key" WAZUH_AGENT_NAME "test-agent" WAZUH_AGENT_GROUP "test-group" ENROLLMENT_DELAY "10" && installer -pkg wazuh-agent-4.4.0-0.commitd677dd2.pkg -target /;` **Configuration**: `````` 1.1.1.1 7777 udp 3.3.3.3 7777 tcp MANAGER-4 7777 udp dns-manager 7777 tcp testing-manager 7777 udp wazuh-manager 7777 tcp darwin, darwin21, darwin21.1 10 10 yes aes yes 2.2.2.2 8888 test-agent test-group /var/ossec/etc/testsslmanager.cert /var/ossec/etc/testsslmanager.cert /var/ossec/etc/testsslmanager.key etc/authd.pass 10
AmazonLinux :green_circle:
**Command**: `WAZUH_MANAGER="1,2,3,4,5,6,7,8,9,1,2,3,4,5,6,7,8,9,,,,,,,,,,,1,12" yum install ./wazuh-agent-4.4.0-0.commit8eb0a41.x86_64.rpm` **Configuration**: `````` 1 1514 tcp 2 1514 tcp 3 1514 tcp 4 1514 tcp 5 1514 tcp 6 1514 tcp 7 1514 tcp 8 1514 tcp 9 1514 tcp 12 1514 tcp amzn, amzn2 10 60 yes aes yes 1 etc/authd.pass Ubuntu :green_circle:
**Command**: `WAZUH_MANAGER="1,2,3,4,5,6,7,8,9,1,2,3,4,5,6,7,8,9,,,,,,,,,,,1,12" apt-get install ./wazuh-agent_4.4.0.deb` **Configuration**: `````` 1 1514 tcp 2 1514 tcp 3 1514 tcp 4 1514 tcp 5 1514 tcp 6 1514 tcp 7 1514 tcp 8 1514 tcp 9 1514 tcp 12 1514 tcp ubuntu, ubuntu22, ubuntu22.04 10 60 yes aes yes 1 etc/authd.pass Windows :green_circle:
**Command**: `.\wazuh-agent.msi /q WAZUH_MANAGER="1,2,3,4,5,6,7,8,9,1,2,3,4,5,6,7,8,9,,,,,,,,,,,1,12" ` **Configuration**: `````` 1 1514 tcp 2 1514 tcp 3 1514 tcp 4 1514 tcp 5 1514 tcp 6 1514 tcp 7 1514 tcp 8 1514 tcp 9 1514 tcp 12 1514 tcp aes 10 60 yes macOS :green_circle:
**Command**: `launchctl setenv WAZUH_MANAGER "1,2,3,4,5,6,7,8,9,1,2,3,4,5,6,7,8,9,,,,,,,,,,,1,12" && installer -pkg wazuh-agent-4.4.0-0.pkg -target /;` **Configuration**: `````` 1 1514 tcp 2 1514 tcp 3 1514 tcp 4 1514 tcp 5 1514 tcp 6 1514 tcp 7 1514 tcp 8 1514 tcp 9 1514 tcp 12 1514 tcp darwin, darwin21, darwin21.1 10 60 yes aes yes 1 etc/authd.pass
AmazonLinux :green_circle:
**Command**: `WAZUH_MANAGER=wazuh-manager,wazuh-manager2,4.4.4.4,1.2.1.3,dns-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING yum install ./wazuh-agent-4.4.0-0.commitd677dd2.x86_64.rpm` **Configuration**: `````` wazuh-manager 444 udp wazuh-manager2 444 tcp 4.4.4.4 444 tcp 1.2.1.3 444 tcp dns-manager 444 tcp amzn, amzn2 10 60 yes aes yes wazuh-manager TESTING etc/authd.pass Ubuntu :green_circle:
**Command**: `WAZUH_MANAGER=wazuh-manager,wazuh-manager2,4.4.4.4,1.2.1.3,dns-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING apt-get install ./wazuh-agent_4.4.0-0.commit8eb0a41_amd64.deb` **Configuration**: `````` wazuh-manager 444 udp wazuh-manager2 444 tcp 4.4.4.4 444 tcp 1.2.1.3 444 tcp dns-manager 444 tcp ubuntu, ubuntu22, ubuntu22.04 10 60 yes aes yes wazuh-manager TESTING etc/authd.pass Windows :green_circle:
**Command**: `.\wazuh-agent.msi /q WAZUH_MANAGER=wazuh-manager,wazuh-manager2,4.4.4.4,1.2.1.3,dns-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING` **Configuration**: `````` wazuh-manager 444 udp wazuh-manager2 444 tcp 4.4.4.4 444 tcp 1.2.1.3 444 tcp dns-manager 444 tcp aes 10 60 yes yes TESTING macOS :green_circle:
**Command**: `WAZUH_MANAGER=wazuh-manager,wazuh-manager2,4.4.4.4,1.2.1.3,dns-manager WAZUH_PROTOCOL=UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING yum install ./wazuh-agent-4.4.0-0.commitd677dd2.x86_64.rpm` **Configuration**: `````` 1.2.1.3 444 udp 4.4.4.4 444 tcp dns-manager 444 tcp wazuh-manager 444 tcp wazuh-manager2 444 tcp amzn, amzn2 10 60 yes aes yes 1.2.1.3 TESTING etc/authd.pass
AmazonLinux :green_circle:
**Command**: `WAZUH_MANAGER=wazuh-manager WAZUH_PROTOCOL=UDP,TCP,TPC,UPC,UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING yum install ./wazuh-agent-4.4.0.rpm` **Configuration**: `````` wazuh-manager 444 udp amzn, amzn2 10 60 yes aes yes wazuh-manager TESTING etc/authd.pass Ubuntu :green_circle:
**Command**: `WAZUH_MANAGER=wazuh-manager WAZUH_PROTOCOL=UDP,TCP,TPC,UPC,UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING apt-get install ./wazuh-agent_4.4.0-0.commit8eb0a41_amd64.deb` **Configuration**: `````` wazuh-manager 444 udp ubuntu, ubuntu22, ubuntu22.04 10 60 yes aes yes wazuh-manager TESTING etc/authd.pass Windows :green_circle:
**Command**: `.\wazuh-agent.msi /q WAZUH_MANAGER=wazuh-manager WAZUH_PROTOCOL=UDP,TCP,TPC,UPC,UDP WAZUH_MANAGER_PORT=444 WAZUH_AGENT_NAME=TESTING` **Configuration**: `````` wazuh-manager 444 udp aes 10 60 yes yes TESTING macOS :green_circle:
**Command**: `launchctl setenv WAZUH_MANAGER "wazuh-manager" WAZUH_AGENT_NAME "TESTING" WAZUH_PROTOCOL "TCP" WAZUH_MANAGER_PORT "444" && installer -pkg wazuh-agent-4.4.0-0.pkg -target /;` **Configuration**: `````` wazuh-manager 444 tcp darwin, darwin21, darwin21.1 10 60 yes aes yes wazuh-manager TESTING etc/authd.pass
N: Download is performed unsandboxed as root as file '/home/ubuntu/wazuh-agent_4.4.0-0.commitd677dd2_amd64.deb' couldn't be accessed by user '_apt'. - pkgAcquire::Run (13: Permission denied)
:yellow_circle:. Reported https://github.com/wazuh/wazuh-packages/issues/1709config-profile
:yellow_circle: . Detailed in https://github.com/wazuh/wazuh/issues/15150dpkg: warning: while removing wazuh-agent, directory '/usr/lib/systemd/system' not empty so not removed
. Present in 4.3.8 :yellow_circle:. Detailed in https://github.com/wazuh/wazuh-packages/issues/1879WAZUH_REGISTRATION_SERVER
(the first manager if it is not specified). After this change managers' list is stable, maintaining the user manager's ordering.π’ | Solved |
π΅ | Proposed to be fixed in future versions or developments |
β« | Discarded |
The development has been approved taking into account the following considerations:
(1) The values of WAZUH_MANAGER do not follow the specified order, causing inconsistencies. π’
Installation using the WAZUH_MANAGER variable with multiple values causes blocks to be inserted in an unexpected order, causing the protocols and manager addresses to not match as expected. This occurs for Linux and macOS agents.
This has been fixed in this current development
(2) WAZUH_PROTOCOL values cause multiple
This has been solved in this current development https://github.com/wazuh/wazuh/pull/15038/commits/f07df8f120438f3e45165c9e417b8d14f4d41307
(3) If we specify more values for WAZUH_MANAGER variable than > WAZUH_PROTOCOL, then wazuh-agent installation fails for Windows π’
This has been solved in this current development https://github.com/wazuh/wazuh/pull/15038/commits/50c5c1147d0cc2e62c461f2a9aefd4b4c556f049
(4) New Warning during agent installation in Ubuntu β«
This was previously investigated in this issue wazuh-packages#1709 and this seems to be related to apt
(see the issue comments).
(5) Windows Server 2022 default configuration does not include any config-profile π΅
The following issue has been opened to report this wazuh#15150. It will be fixed for future versions.
(6) Default manager IP mismatch for Linux and macOS agents (MANAGER_IP) from Windows (0.0.0.0) π΅
The following issue has been opened to report this wazuh#15154. It will be fixed for future versions.
(7) Warning during Ubuntu agent uninstallation using apt-get remove wazuh-agent π΅
dpkg: warning: while removing wazuh-agent, directory '/usr/lib/systemd/system' not empty so not removed
This also happens in the production version. The following issue has been opened to report this wazuh-packages#1879. It will be investigated and probably fixed for future versions.
(8) Unexpected message during installation in AmazonLinux and Ubuntu OS π’
/var/ossec/packages_files/agent_installation_scripts/src/init/register_configure_agent.sh: line 339: [: too many arguments
This has been solved in this current development https://github.com/wazuh/wazuh/pull/15038/commits/7b05541aa1155070ac428a0fbea0c1912b1018b2
(9) If duplicated managers are provided in WAZUH_MANAGER, the configuration will include duplicate configuration. π’
This has been solved in this current development https://github.com/wazuh/wazuh/commit/7d38f36f0818a537e209d699631f26e689d5f667
(10) While in Linux agent enrollment configuration block is always specified, in Windows agent if default values are not changed, no configuration is specified π’
This has been solved in this current development https://github.com/wazuh/wazuh/pull/15038/commits/745089577d88eed0a9ce522743051993ae14fb0b
(11) Enrollment configuration block indentation is incorrect for Windows agents π΅
The following issue has been opened to report this wazuh#15324. It will be fixed for future versions.
(12) If a previous agent installation was performed, and only binaries were removed (apt-get remove), the new agent installation will set the default configuration independently of the parameters specified β«
After talking with the development team, this is a normal behavior since the OS considers that it is an upgrade if it is not uninstalled with purge
.
Description
In this issue, we have added a feature that allows the users to add multiple protocol types when using the deployment variables. This needs manual testing to validate it.
Proposed checks
This tests must be performed on Linux, Windows and macOS systems.
Steps to reproduce
Expected results
After the installation, the configuration in
ossec.conf
should be the correct one for the deployment variables used.Configuration and considerations