Fourth iteration of Wazuh installer assistant #1481

Closed
13 tasks done
c-bordon opened this issue Apr 22, 2022 · 3 comments

@c-bordon
Member

c-bordon commented Apr 22, 2022

The improvements and corrections that need to be made in the Wazuh installer assistant are detailed below:

  • Check that nc is available in the different OS that we support @DFolchA
  • Validate that unzip is used somewhere in the process @DFolchA
  • Adjust the minimum of the OVA and AMI to 4 cores and 8 GB of RAM @c-bordon
  • Carry out validations to verify that the parameters -c, -t, -wd, -wi, and -ws receive valid parameters, since it was verified that it can give an error if several parameters are agreed, similar to what was done with -dw @c-bordon
  • Fix getHelp() functions comments. @fcaffieri
  • Installation in verbose mode does not stop even when there are errors. @fcaffieri
  • Problem on RHEL8 installation. @c-bordon
  • Remove from logs passwords and users. @fcaffieri
  • Clusterstate in YELLOW state. @fcaffieri
  • The operation to create the indexes of Opendistro_security is executed 3 times. @fcaffieri
  • Admin password management on logs.
  • "The Wazuh repository set to production" review log message. @fcaffieri
  • Ensure the dashboard installation stops if the used name does not match the configured one @DFolchA
@c-bordon
Member Author

I've been testing: for RHEL 8 the package is netcat, while for CentOS 7 the package is nmap-ncat. I'm testing OS type and version validations to differentiate the packages.

@fcaffieri
Member

fcaffieri commented Apr 25, 2022

Status of topics

Installation in verbose mode does not stop even when there are errors:

PR generated: #1486


Fix getHelp() functions comments:

Waiting for a response from content about the changes.


Remove from logs passwords and users:

The users are not saved in a file but are shown in the log like this:

04/21/2022 07:31:23 INFO: Users in the file: admin kibanaserver kibanaro logstash readall snapshotrestore wazuh_admin wazuh_user
4/21/2022 7:31:23 INFO: Passwords in the file: yMAYrMZwkBTNEyGbV9tYpKTaSjXtc5nI 0Ie1ug0FAeI6SkyaddreyoFdOnwDGrm8 H0W3hqRTtS9a5JhldaSo5HRbhTNf4ZMj uYWNlbboso48MWD49P4DxbpTTwv7sEIm LRKkg7oEHZpsioPpbZe0exyYtHpEWVlQ 91PR90TL3EQyYTSaZLYE1JrAUlRxAA6M bl0YPM1fLyFYV4bU2GeyDMnYUoryNuuT QabDqCHuIPZiUc5XMn6OJc6dtRrijNp0

Removing this log.


The operation to create the indexes of Opendistro_security is executed 3 times:

This happens only in the installation with the -a or --all parameter, and it happens because each execution has a particular reason:

In the main AIO we have the following 2 functions in which the 3 securityadmin-sh executions take place:

| Function | Sub Function | Reason |
|---|---|---|
| indexer_initialize() | - | security admin is executed to initialize Wazuh indexer cluster security settings. |
| installCommon_changePasswords() | passwords_createBackUp() | security admin is executed to generate the backup of passwords; the -backup parameter is used. |
| installCommon_changePasswords() | passwords_runSecurityAdmin() | security admin is executed to load the new passwords, as they are previously modified in function passwords_changePassword(). |
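
A check for the credential disclosure discussed in the comment above, as an added example that is not part of the original comment or of the Wazuh installer: it flags and masks the two log patterns shown in this issue. The function names and the sample log values are constructed for illustration.

```shell
#!/bin/sh
# Added example (hypothetical helpers, not from wazuh-install.sh).
# Patterns are the two disclosure shapes visible in this issue's logs:
#   "... INFO: Users|Passwords in the file: <values>"  and  "    Password: <value>"

SECRET_RE='INFO: (Users|Passwords) in the file:|^[[:space:]]*Password:[[:space:]]*[^[:space:]]'

# Print the line number of every log line that discloses users or passwords.
find_secret_lines() {
    grep -nE "$SECRET_RE" "$1" | cut -d: -f1
}

# Print the log with disclosed values replaced by a fixed marker.
# Timestamps and message labels are kept so the log stays useful for triage.
redact_log() {
    sed -E \
        -e 's/(INFO: (Users|Passwords) in the file:).*/\1 [REDACTED]/' \
        -e 's/^([[:space:]]*Password:[[:space:]]*).+/\1[REDACTED]/' \
        "$1"
}

# Constructed sample log; the values are placeholders, not real credentials.
make_sample_log() {
    cat > "$1" <<'EOF'
21/04/2022 07:31:23 INFO: Users in the file: admin kibanaserver
21/04/2022 07:31:23 INFO: Passwords in the file: EXAMPLEpw0001 EXAMPLEpw0002
26/04/2022 20:36:37 INFO: You can access the web interface https://<wazuh-dashboard-ip>.
    User: admin
    Password: EXAMPLEpw0003
26/04/2022 20:36:37 INFO: Installation finished.
EOF
}

# Demo run on the constructed sample.
demo_log=$(mktemp)
make_sample_log "$demo_log"
echo "lines disclosing credentials: $(find_secret_lines "$demo_log" | tr '\n' ' ')"
redact_log "$demo_log"
rm -f "$demo_log"
```

The same `find_secret_lines` check can run in CI against `/var/log/wazuh-install.log` after a test installation to catch a regression that reintroduces these messages.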

@c-bordon
Member Author

Added a validation to detect the operating system and the version. Locally this worked for me, but when running the tests in Jenkins, the AWS machine has other repositories that do have the nmap-ncat package and do not have netcat, so the solution is not valid. I am investigating, since this is probably due to the difference between the yum repositories that the machines have installed:

Local Test:

[root@redhat-8 ~]# ./wazuh-install.sh -a
26/04/2022 20:30:50 INFO: Starting Wazuh installation assistant. Wazuh version: 4.3.0
26/04/2022 20:30:50 INFO: Verbose logging redirected to /var/log/wazuh-install.log
26/04/2022 20:30:57 INFO: --- Dependencies ---
26/04/2022 20:30:57 INFO: Installing netcat.
26/04/2022 20:31:08 INFO: Wazuh development repository added.
26/04/2022 20:31:08 INFO: --- Configuration files ---
26/04/2022 20:31:08 INFO: Generating configuration files.
26/04/2022 20:31:09 INFO: Created wazuh-install-files.tar. It contains the Wazuh cluster key, certificates, and passwords necessary for installation.
26/04/2022 20:31:09 INFO: --- Wazuh indexer ---
26/04/2022 20:31:09 INFO: Starting Wazuh indexer installation.
26/04/2022 20:32:39 INFO: Wazuh indexer installation finished.
26/04/2022 20:32:39 INFO: Wazuh indexer post-install configuration finished.
26/04/2022 20:32:39 INFO: Starting service wazuh-indexer.
26/04/2022 20:32:49 INFO: wazuh-indexer service started.
26/04/2022 20:32:49 INFO: Initializing Wazuh indexer cluster security settings.
26/04/2022 20:32:54 INFO: Wazuh indexer cluster initialized.
26/04/2022 20:32:54 INFO: --- Wazuh server ---
26/04/2022 20:32:54 INFO: Starting the Wazuh manager installation.
26/04/2022 20:34:19 INFO: Wazuh manager installation finished.
26/04/2022 20:34:19 INFO: Starting service wazuh-manager.
26/04/2022 20:34:31 INFO: wazuh-manager service started.
26/04/2022 20:34:31 INFO: Starting Filebeat installation.
26/04/2022 20:34:40 INFO: Filebeat installation finished.
26/04/2022 20:34:41 INFO: Filebeat post-install configuration finished.
26/04/2022 20:34:41 INFO: Starting service filebeat.
26/04/2022 20:34:41 INFO: filebeat service started.
26/04/2022 20:34:41 INFO: --- Wazuh dashboard ---
26/04/2022 20:34:41 INFO: Starting Wazuh dashboard installation.
26/04/2022 20:36:09 INFO: Wazuh dashboard installation finished.
26/04/2022 20:36:09 INFO: Wazuh dashboard post-install configuration finished.
26/04/2022 20:36:09 INFO: Starting service wazuh-dashboard.
26/04/2022 20:36:09 INFO: wazuh-dashboard service started.
26/04/2022 20:36:24 INFO: Initializing Wazuh dashboard web application.
26/04/2022 20:36:37 INFO: Wazuh dashboard web application initialized.
26/04/2022 20:36:37 INFO: --- Summary ---
26/04/2022 20:36:37 INFO: You can access the web interface https://<wazuh-dashboard-ip>.
    User: admin
    Password: S2vnNK2quWIzMwHNdlm1xcrrTdEUTKRs
26/04/2022 20:36:37 INFO: The password can be seen in the file /var/log/wazuh-install.log
26/04/2022 20:36:37 INFO: Installation finished.

AWS Test:

17:51:43  26/04/2022 20:45:10 INFO: Installing netcat.
17:51:43  Updating Subscription Management repositories.
17:51:43  Unable to read consumer identity
17:51:43  
17:51:43  This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.
17:51:43  
17:51:43  Last metadata expiration check: 0:01:13 ago on Tue Apr 26 20:43:58 2022.
17:51:43  No match for argument: netcat
17:51:43  Error: Unable to find a match: netcat
17:51:43  26/04/2022 20:45:14 DEBUG: Adding the Wazuh repository.
[root@ip-172-31-4-188 ~]# yum install -y netcat
Updating Subscription Management repositories.
Unable to read consumer identity

This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.

EL-8 - Wazuh                                                                                                                                                                                                  28 MB/s | 4.8 MB     00:00    
Last metadata expiration check: 0:00:02 ago on Tue 26 Apr 2022 09:10:58 PM UTC.
No match for argument: netcat
Error: Unable to find a match: netcat
[root@ip-172-31-4-188 ~]# yum install -y nmap-ncat
Updating Subscription Management repositories.
Unable to read consumer identity

This system is not registered to Red Hat Subscription Management. You can use subscription-manager to register.

Last metadata expiration check: 0:00:19 ago on Tue 26 Apr 2022 09:10:58 PM UTC.
Dependencies resolved.
=============================================================================================================================================================================================================================================
 Package                                              Architecture                                      Version                                                  Repository                                                             Size
=============================================================================================================================================================================================================================================
Installing:
 nmap-ncat                                            x86_64                                            2:7.70-6.el8                                             rhel-8-appstream-rhui-rpms                                            237 k

Transaction Summary
=============================================================================================================================================================================================================================================
Install  1 Package

Total download size: 237 k
Installed size: 480 k
Downloading Packages:
nmap-ncat-7.70-6.el8.x86_64.rpm                                                                                                                                                                              9.6 MB/s | 237 kB     00:00    
---------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------
Total                                                                                                                                                                                                        5.7 MB/s | 237 kB     00:00     
Running transaction check
Transaction check succeeded.
Running transaction test
Transaction test succeeded.
Running transaction
  Preparing        :                                                                                                                                                                                                                     1/1 
  Installing       : nmap-ncat-2:7.70-6.el8.x86_64                                                                                                                                                                                       1/1 
  Running scriptlet: nmap-ncat-2:7.70-6.el8.x86_64                                                                                                                                                                                       1/1 
  Verifying        : nmap-ncat-2:7.70-6.el8.x86_64                                                                                                                                                                                       1/1 
Installed products updated.

Installed:
  nmap-ncat-2:7.70-6.el8.x86_64                                                                                                                                                                                                              

Complete!

I am going to modify the validation to look for the package before installing it.
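
One way to look for the package before installing it, as an added example that is not the installer's own code: the candidate names come from this thread, and the choice is made by probing the enabled repositories instead of the OS version. The function names and the use of `yum list` as the probe are assumptions.

```shell
#!/bin/sh
# Added example (hypothetical helpers, not from wazuh-install.sh).

# Return 0 if the enabled repositories offer package $1.
# Assumption: "yum list <pkg>" exits non-zero when nothing matches.
pkg_available() {
    yum -q list "$1" >/dev/null 2>&1
}

# Echo the first candidate that the probe accepts; return 1 if none is offered.
# $1 = probe command, remaining arguments = candidate package names.
select_nc_package() {
    probe=$1
    shift
    for candidate in "$@"; do
        if "$probe" "$candidate"; then
            echo "$candidate"
            return 0
        fi
    done
    return 1
}

# Decide what to install. NC_PROBE can be overridden for testing.
ensure_nc() {
    # Nothing to install when a netcat binary is already on PATH.
    if command -v nc >/dev/null 2>&1 || command -v ncat >/dev/null 2>&1; then
        echo "present"
        return 0
    fi
    pkg=$(select_nc_package "${NC_PROBE:-pkg_available}" netcat nmap-ncat) || {
        echo "ERROR: no netcat package in the enabled repositories" >&2
        return 1   # stop here instead of continuing without the dependency
    }
    echo "$pkg"    # the caller would then run: yum install -y "$pkg"
}

# Demo with a constructed probe that mimics the AWS machine in this thread:
# its repositories offer nmap-ncat but not netcat.
probe_demo() { [ "$1" = "nmap-ncat" ]; }
select_nc_package probe_demo netcat nmap-ncat
```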

@snaow snaow moved this to In progress in Release 4.3.0 Apr 27, 2022
Repository owner moved this from In progress to Done in Release 4.3.0 Apr 28, 2022