wazuh-manager

This role will install and configure the Wazuh manager service.

OS Requirements

This role will work on:

• Red Hat
• CentOS
• Fedora
• Debian
• Ubuntu

Role Requirements

• ansible-xml

Role Variables

• nodejs_repo_add: (boolean) Add nodejs repo to apt or rpm sources before installing

• nodejs_repo_remove: (boolean) Remove nodejs repo from sources after installation is complete

• wazuh_agentless_hosts: (dict) Usernames and passwords for agentless monitoring

• wazuh_api_install: (boolean) Install wazuh-api app

• wazuh_api_users: (dict) Usernames and passwords for API authentication

• wazuh_async_timeout: (int) Default timeout between checks for completion of async operations such as apt and yum

• wazuh_async_tries: (int) Max number of times to check for async completion before declaring failure

• wazuh_authd_pass: Password for agent registration

• wazuh_cdb_lists_custom: Custom CDB lists

• wazuh_manager: Wazuh manager local configuration

  • wazuh_manager_activeresponse: Settings for active-response section
  • wazuh_manager_alerts: Settings for alerts section
  • wazuh_manager_auth: Settings for auth section
  • wazuh_manager_cluster: Settings for cluster section
  • wazuh_manager_command: Settings for command section
  • wazuh_manager_databaseoutput: Settings for database_output section
  • wazuh_manager_emailalerts: Settings for email_alerts section
  • wazuh_manager_global: Settings for global section
  • wazuh_manager_integration: Settings for integration section
  • wazuh_manager_labels: Settings for labels section
  • wazuh_manager_localfile: Settings for localfile section
  • wazuh_manager_logformat: Log format setting
  • wazuh_manager_remote: Remote section
  • wazuh_manager_reports: Reports section
  • wazuh_manager_rootcheck: Settings for rootcheck section
  • wazuh_manager_ruleset: Settings for ruleset section
  • wazuh_manager_socket: Settings for socket section
  • wazuh_manager_syscheck: Settings for syscheck section
  • wazuh_manager_syslogoutput: Settings for syslog_output section
  • wazuh_manager_wodle: Settings for Wazuh modules
  • wazuh_manager_wodle_aws: Settings for the AWS-s3 module
  • wazuh_manager_wodle_ciscat: Settings for the cis-cat module
  • wazuh_manager_wodle_command: Settings for the command module
  • wazuh_manager_wodle_openscap: Settings for the open-scap module
  • wazuh_manager_wodle_osquery: Settings for the osquery module
  • wazuh_manager_wodle_syscollector: Settings for the syscollector module
  • wazuh_manager_wodle_vuldetector: Settings for the vulnerability-detector module

• wazuh_purge: Completely remove the /var/ossec directory before installation. (defaults to false).

• wazuh_repo_add: Add the wazuh repo prior to installation.

• wazuh_repo_remove: Remove the wazuh repo after installation.

• wazuh_shared: Settings for centralized configuration

  • wazuh_shared_linux: Centralized settings for linux agents
  • wazuh_shared_windows: Centralized settings for windows agents

Example Playbook

    - hosts: 'wazuh-manager.example.com'
      roles:
        - 'ansible-wazuh-manager'
      vars:
        wazuh_authd_pass: 'S3CR3T'
        wazuh_manager_auth_disabled: false
        wazuh_manager_auth_usepassword: true
        

License

BSD

Created by Robert Vincent based on previous work by Wazuh, Inc.