Wrong enabled SCA policy on Wazuh OVA #2744
Comments
Update
Doing a little more research, the AMI used to build the OVA and the vagrantbox used to build locally contain the file
AMI: ami-0f463cf5ed41502eb

Update report
The new versions of the
New versions: AMI: ami-0d4bd55523ee67aa4

Update report
A test of the construction of the OVA was carried out with the new Vagrantbox using version 4.7.2 of Wazuh and the result was correct:

[root@wazuh-server ~]# ls -la /etc/r*
lrwxrwxrwx 1 root root 10 Mar 8 2023 /etc/rc0.d -> rc.d/rc0.d
lrwxrwxrwx 1 root root 10 Mar 8 2023 /etc/rc1.d -> rc.d/rc1.d
lrwxrwxrwx 1 root root 10 Mar 8 2023 /etc/rc2.d -> rc.d/rc2.d
lrwxrwxrwx 1 root root 10 Mar 8 2023 /etc/rc3.d -> rc.d/rc3.d
lrwxrwxrwx 1 root root 10 Mar 8 2023 /etc/rc4.d -> rc.d/rc4.d
lrwxrwxrwx 1 root root 10 Mar 8 2023 /etc/rc5.d -> rc.d/rc5.d
lrwxrwxrwx 1 root root 10 Mar 8 2023 /etc/rc6.d -> rc.d/rc6.d
lrwxrwxrwx 1 root root 13 Apr 11 2023 /etc/rc.local -> rc.d/rc.local
-rw-r--r-- 1 root root 1787 Jul 26 2018 /etc/request-key.conf
-rw-r--r-- 1 root root 64 Jan 10 11:52 /etc/resolv.conf
-rw-r--r-- 1 root root 1634 Nov 27 2018 /etc/rpc
-rw-r--r-- 1 root root 458 Jun 1 2023 /etc/rsyncd.conf
-rw-r--r-- 1 root root 3232 Feb 7 2023 /etc/rsyslog.conf
-rw-r--r-- 1 root root 966 Sep 22 2022 /etc/rwtab

[root@wazuh-server ~]# ls -la /var/ossec/ruleset/sca/
total 10156
drwxr-x--- 2 root wazuh 4096 Jan 10 14:39 .
drwxr-x--- 5 root wazuh 46 Jan 10 14:39 ..
-rw-r----- 1 root wazuh 207513 Jan 5 22:07 cis_amazon_linux_1.yml.disabled
-rw-r----- 1 root wazuh 236403 Jan 5 22:07 cis_amazon_linux_2.yml
-rw-r----- 1 root wazuh 47977 Jan 5 22:07 cis_apache_24.yml.disabled
-rw-r----- 1 root wazuh 33522 Jan 5 22:07 cis_apple_macOS_10.11.yml.disabled
-rw-r----- 1 root wazuh 30577 Jan 5 22:07 cis_apple_macOS_10.12.yml.disabled
-rw-r----- 1 root wazuh 30101 Jan 5 22:07 cis_apple_macOS_10.13.yml.disabled
-rw-r----- 1 root wazuh 61211 Jan 5 22:07 cis_apple_macOS_10.14.yml.disabled
-rw-r----- 1 root wazuh 65229 Jan 5 22:07 cis_apple_macOS_10.15.yml.disabled
-rw-r----- 1 root wazuh 77375 Jan 5 22:07 cis_apple_macOS_11.1.yml.disabled
-rw-r----- 1 root wazuh 90803 Jan 5 22:07 cis_apple_macOS_12.0.yml.disabled
-rw-r----- 1 root wazuh 181718 Jan 5 22:07 cis_apple_macOS_13.x.yml.disabled
-rw-r----- 1 root wazuh 150869 Jan 5 22:07 cis_apple_macOS_14.0.yml.disabled
-rw-r----- 1 root wazuh 209419 Jan 5 22:07 cis_centos6_linux.yml.disabled
-rw-r----- 1 root wazuh 262843 Jan 5 22:07 cis_centos7_linux.yml.disabled
-rw-r----- 1 root wazuh 232169 Jan 5 22:07 cis_centos8_linux.yml.disabled
-rw-r----- 1 root wazuh 240527 Jan 5 22:07 cis_debian10.yml.disabled
-rw-r----- 1 root wazuh 381099 Jan 5 22:07 cis_debian11.yml.disabled
-rw-r----- 1 root wazuh 342660 Jan 5 22:07 cis_debian12.yml.disabled
-rw-r----- 1 root wazuh 179167 Jan 5 22:07 cis_debian7.yml.disabled
-rw-r----- 1 root wazuh 207081 Jan 5 22:07 cis_debian8.yml.disabled
-rw-r----- 1 root wazuh 206116 Jan 5 22:07 cis_debian9.yml.disabled
-rw-r----- 1 root wazuh 64290 Jan 5 22:07 cis_iis_10.yml.disabled
-rw-r----- 1 root wazuh 19741 Jan 5 22:07 cis_mongodb_36.yml.disabled
-rw-r----- 1 root wazuh 21621 Jan 5 22:07 cis_mysql5-6_community.yml.disabled
-rw-r----- 1 root wazuh 27694 Jan 5 22:07 cis_mysql5-6_enterprise.yml.disabled
-rw-r----- 1 root wazuh 69550 Jan 5 22:07 cis_nginx_1.yml.disabled
-rw-r----- 1 root wazuh 206980 Jan 5 22:07 cis_oracle_database_19c.yml.disabled
-rw-r----- 1 root wazuh 50578 Jan 5 22:07 cis_postgre-sql-13.yml.disabled
-rw-r----- 1 root wazuh 56850 Jan 5 22:07 cis_rhel5_linux.yml.disabled
-rw-r----- 1 root wazuh 210236 Jan 5 22:07 cis_rhel6_linux.yml.disabled
-rw-r----- 1 root wazuh 256642 Jan 5 22:07 cis_rhel7_linux.yml.disabled
-rw-r----- 1 root wazuh 233313 Jan 5 22:07 cis_rhel8_linux.yml.disabled
-rw-r----- 1 root wazuh 277254 Jan 5 22:07 cis_rhel9_linux.yml.disabled
-rw-r----- 1 root wazuh 60607 Jan 5 22:07 cis_sles11_linux.yml.disabled
-rw-r----- 1 root wazuh 62673 Jan 5 22:07 cis_sles12_linux.yml.disabled
-rw-r----- 1 root wazuh 180651 Jan 5 22:07 cis_sles15_linux.yml.disabled
-rw-r----- 1 root wazuh 80376 Jan 5 22:07 cis_solaris11.4.yml.disabled
-rw-r----- 1 root wazuh 63879 Jan 5 22:07 cis_solaris11.yml.disabled
-rw-r----- 1 root wazuh 35019 Jan 5 22:07 cis_sqlserver_2012.yml.disabled
-rw-r----- 1 root wazuh 34992 Jan 5 22:07 cis_sqlserver_2014.yml.disabled
-rw-r----- 1 root wazuh 34943 Jan 5 22:07 cis_sqlserver_2016.yml.disabled
-rw-r----- 1 root wazuh 35289 Jan 5 22:07 cis_sqlserver_2017.yml.disabled
-rw-r----- 1 root wazuh 33837 Jan 5 22:07 cis_sqlserver_2019.yml.disabled
-rw-r----- 1 root wazuh 206630 Jan 5 22:07 cis_ubuntu14-04.yml.disabled
-rw-r----- 1 root wazuh 206755 Jan 5 22:07 cis_ubuntu16-04.yml.disabled
-rw-r----- 1 root wazuh 246118 Jan 5 22:07 cis_ubuntu18-04.yml.disabled
-rw-r----- 1 root wazuh 396861 Jan 5 22:07 cis_ubuntu20-04.yml.disabled
-rw-r----- 1 root wazuh 328521 Jan 5 22:07 cis_ubuntu22-04.yml.disabled
-rw-r----- 1 root wazuh 678759 Jan 5 22:07 cis_win10_enterprise.yml.disabled
-rw-r----- 1 root wazuh 681902 Jan 5 22:07 cis_win11_enterprise.yml.disabled
-rw-r----- 1 root wazuh 396896 Jan 5 22:07 cis_win2012r2.yml.disabled
-rw-r----- 1 root wazuh 454594 Jan 5 22:07 cis_win2016.yml.disabled
-rw-r----- 1 root wazuh 453939 Jan 5 22:07 cis_win2019.yml.disabled
-rw-r----- 1 root wazuh 627420 Jan 5 22:07 cis_win2022.yml.disabled
-rw-r----- 1 root wazuh 19044 Jan 5 22:07 sca_unix_audit.yml.disabled
-rw-r----- 1 root wazuh 6792 Jan 5 22:07 web_vulnerabilities.yml.disabled

OVA build

cbordon@cbordon-MS-7C88:~/Documents/wazuh/repositorios/wazuh-packages/ova$ bash generate_ova.sh -r dev
Version to build: 4.7.2 with development repository
==> default: VM not created. Moving on...
Bringing machine 'default' up with 'virtualbox' provider...
==> default: Importing base box 'amznlinux-2'...
==> default: Matching MAC address for NAT networking...
==> default: Setting the name of the VM: vm_wazuh
==> default: Clearing any previously set network interfaces...
==> default: Preparing network interfaces based on configuration...
default: Adapter 1: nat
==> default: Forwarding ports...
default: 22 (guest) => 2222 (host) (adapter 1)
==> default: Running 'pre-boot' VM customizations...
==> default: Booting VM...
==> default: Waiting for machine to boot. This may take a few minutes...
default: SSH address: 127.0.0.1:2222
default: SSH username: wazuh-user
default: SSH auth method: password
default:
default: Inserting generated public key within guest...
default: Removing insecure key from the guest if it's present...
default: Key inserted! Disconnecting and reconnecting using new SSH key...
==> default: Machine booted and ready!
==> default: Checking for guest additions in VM...
==> default: Setting hostname...
==> default: Rsyncing folder: /home/cbordon/Documents/wazuh/repositorios/wazuh-packages/ova/ => /tmp
==> default: - Exclude: [".vagrant/", "output"]
==> default: Running provisioner: shell...
default: Running: /tmp/vagrant-shell20240110-162505-f68h9k.sh
default: Using dev packages
default: Upgrading the system. This may take a while ...
default: Loaded plugins: langpacks, priorities, update-motd
default: No packages marked for update
default: Loaded plugins: langpacks, priorities, update-motd
default: Resolving Dependencies
default: --> Running transaction check
default: ---> Package dracut-fips.x86_64 0:033-535.amzn2.1.6 will be installed
default: --> Processing Dependency: hmaccalc for package: dracut-fips-033-535.amzn2.1.6.x86_64
default: --> Running transaction check
default: ---> Package hmaccalc.x86_64 0:0.9.13-4.amzn2.0.1 will be installed
default: --> Finished Dependency Resolution
default:
default: Dependencies Resolved
default:
default: ================================================================================
default: Package Arch Version Repository Size
default: ================================================================================
default: Installing:
default: dracut-fips x86_64 033-535.amzn2.1.6 amzn2-core 60 k
default: Installing for dependencies:
default: hmaccalc x86_64 0.9.13-4.amzn2.0.1 amzn2-core 26 k
default:
default: Transaction Summary
default: ================================================================================
default: Install 1 Package (+1 Dependent package)
default:
default: Total download size: 87 k
default: Installed size: 107 k
default: Downloading packages:
default: --------------------------------------------------------------------------------
default: Total 24 kB/s | 87 kB 00:03
default: Running transaction check
default: Running transaction test
default: Transaction test succeeded
default: Running transaction
default: Installing : hmaccalc-0.9.13-4.amzn2.0.1.x86_64 1/2
default: Installing : dracut-fips-033-535.amzn2.1.6.x86_64 2/2
default: Verifying : dracut-fips-033-535.amzn2.1.6.x86_64 1/2
default: Verifying : hmaccalc-0.9.13-4.amzn2.0.1.x86_64 2/2
default:
default: Installed:
default: dracut-fips.x86_64 0:033-535.amzn2.1.6
default:
default: Dependency Installed:
default: hmaccalc.x86_64 0:0.9.13-4.amzn2.0.1
default:
default: Complete!
default: Created symlink from /etc/systemd/system/multi-user.target.wants/updateIndexerHeap.service to /etc/systemd/system/updateIndexerHeap.service.
default: Loaded plugins: langpacks, priorities, update-motd
default: Package freetype-2.8-14.amzn2.1.1.x86_64 already installed and latest version
default: Resolving Dependencies
default: --> Running transaction check
default: ---> Package fontconfig.x86_64 0:2.13.0-4.3.amzn2 will be installed
default: --> Processing Dependency: dejavu-sans-fonts for package: fontconfig-2.13.0-4.3.amzn2.x86_64
default: --> Processing Dependency: fontpackages-filesystem for package: fontconfig-2.13.0-4.3.amzn2.x86_64
default: ---> Package ipa-gothic-fonts.noarch 0:003.03-5.amzn2 will be installed
default: ---> Package nss.i686 0:3.90.0-2.amzn2.0.1 will be installed
default: --> Processing Dependency: nss-softokn(x86-32) >= 3.90.0-1 for package: nss-3.90.0-2.amzn2.0.1.i686
default: --> Processing Dependency: libdl.so.2 for package: nss-3.90.0-2.amzn2.0.1.i686
default: --> Processing Dependency: libnspr4.so for package: nss-3.90.0-2.amzn2.0.1.i686
default: --> Processing Dependency: libnssutil3.so for package: nss-3.90.0-2.amzn2.0.1.i686
default: --> Processing Dependency: libnssutil3.so(NSSUTIL_3.12) for package: nss-3.90.0-2.amzn2.0.1.i686
default: --> Processing Dependency: libnssutil3.so(NSSUTIL_3.12.3) for package: nss-3.90.0-2.amzn2.0.1.i686
default: --> Processing Dependency: libnssutil3.so(NSSUTIL_3.12.5) for package: nss-3.90.0-2.amzn2.0.1.i686
default: --> Processing Dependency: libnssutil3.so(NSSUTIL_3.13) for package: nss-3.90.0-2.amzn2.0.1.i686
default: --> Processing Dependency: libnssutil3.so(NSSUTIL_3.14) for package: nss-3.90.0-2.amzn2.0.1.i686
default: --> Processing Dependency: libnssutil3.so(NSSUTIL_3.15) for package: nss-3.90.0-2.amzn2.0.1.i686
default: --> Processing Dependency: libnssutil3.so(NSSUTIL_3.17.1) for package: nss-3.90.0-2.amzn2.0.1.i686
default: --> Processing Dependency: libnssutil3.so(NSSUTIL_3.21) for package: nss-3.90.0-2.amzn2.0.1.i686
default: --> Processing Dependency: libnssutil3.so(NSSUTIL_3.24) for package: nss-3.90.0-2.amzn2.0.1.i686
default: --> Processing Dependency: libnssutil3.so(NSSUTIL_3.31) for package: nss-3.90.0-2.amzn2.0.1.i686
default: --> Processing Dependency: libnssutil3.so(NSSUTIL_3.38) for package: nss-3.90.0-2.amzn2.0.1.i686
default: --> Processing Dependency: libnssutil3.so(NSSUTIL_3.39) for package: nss-3.90.0-2.amzn2.0.1.i686
default: --> Processing Dependency: libnssutil3.so(NSSUTIL_3.59) for package: nss-3.90.0-2.amzn2.0.1.i686
default: --> Processing Dependency: libnssutil3.so(NSSUTIL_3.82) for package: nss-3.90.0-2.amzn2.0.1.i686
default: --> Processing Dependency: libplc4.so for package: nss-3.90.0-2.amzn2.0.1.i686
default: --> Processing Dependency: libplds4.so for package: nss-3.90.0-2.amzn2.0.1.i686
default: --> Processing Dependency: libpthread.so.0 for package: nss-3.90.0-2.amzn2.0.1.i686
default: --> Processing Dependency: libpthread.so.0(GLIBC_2.0) for package: nss-3.90.0-2.amzn2.0.1.i686
default: --> Processing Dependency: nss-pem(x86-32) for package: nss-3.90.0-2.amzn2.0.1.i686
default: --> Processing Dependency: libc.so.6(GLIBC_2.4) for package: nss-3.90.0-2.amzn2.0.1.i686
default: ---> Package open-vm-tools.x86_64 0:12.3.0-1.amzn2.0.1 will be installed
default: --> Processing Dependency: fuse for package: open-vm-tools-12.3.0-1.amzn2.0.1.x86_64
default: --> Processing Dependency: xmlsec1-openssl for package: open-vm-tools-12.3.0-1.amzn2.0.1.x86_64
default: --> Processing Dependency: libltdl.so.7()(64bit) for package: open-vm-tools-12.3.0-1.amzn2.0.1.x86_64
default: --> Processing Dependency: libmspack.so.0()(64bit) for package: open-vm-tools-12.3.0-1.amzn2.0.1.x86_64
default: --> Processing Dependency: libxmlsec1.so.1()(64bit) for package: open-vm-tools-12.3.0-1.amzn2.0.1.x86_64
default: --> Processing Dependency: libxslt.so.1()(64bit) for package: open-vm-tools-12.3.0-1.amzn2.0.1.x86_64
default: ---> Package xorg-x11-fonts-100dpi.noarch 0:7.5-9.amzn2 will be installed
default: --> Processing Dependency: mkfontdir for package: xorg-x11-fonts-100dpi-7.5-9.amzn2.noarch
default: --> Processing Dependency: mkfontdir for package: xorg-x11-fonts-100dpi-7.5-9.amzn2.noarch
default: ---> Package xorg-x11-fonts-75dpi.noarch 0:7.5-9.amzn2 will be installed
default: ---> Package xorg-x11-fonts-Type1.noarch 0:7.5-9.amzn2 will be installed
default: --> Processing Dependency: ttmkfdir for package: xorg-x11-fonts-Type1-7.5-9.amzn2.noarch
default: --> Processing Dependency: ttmkfdir for package: xorg-x11-fonts-Type1-7.5-9.amzn2.noarch
default: ---> Package xorg-x11-fonts-cyrillic.noarch 0:7.5-9.amzn2 will be installed
default: ---> Package xorg-x11-fonts-misc.noarch 0:7.5-9.amzn2 will be installed
default: ---> Package xorg-x11-utils.x86_64 0:7.5-23.amzn2 will be installed
default: --> Processing Dependency: libX11-xcb.so.1()(64bit) for package: xorg-x11-utils-7.5-23.amzn2.x86_64
default: --> Processing Dependency: libX11.so.6()(64bit) for package: xorg-x11-utils-7.5-23.amzn2.x86_64
default: --> Processing Dependency: libXext.so.6()(64bit) for package: xorg-x11-utils-7.5-23.amzn2.x86_64
default: --> Processing Dependency: libXi.so.6()(64bit) for package: xorg-x11-utils-7.5-23.amzn2.x86_64
default: --> Processing Dependency: libXinerama.so.1()(64bit) for package: xorg-x11-utils-7.5-23.amzn2.x86_64
default: --> Processing Dependency: libXrandr.so.2()(64bit) for package: xorg-x11-utils-7.5-23.amzn2.x86_64
default: --> Processing Dependency: libXrender.so.1()(64bit) for package: xorg-x11-utils-7.5-23.amzn2.x86_64
default: --> Processing Dependency: libXtst.so.6()(64bit) for package: xorg-x11-utils-7.5-23.amzn2.x86_64
default: --> Processing Dependency: libXv.so.1()(64bit) for package: xorg-x11-utils-7.5-23.amzn2.x86_64
default: --> Processing Dependency: libXxf86dga.so.1()(64bit) for package: xorg-x11-utils-7.5-23.amzn2.x86_64
default: --> Processing Dependency: libXxf86misc.so.1()(64bit) for package: xorg-x11-utils-7.5-23.amzn2.x86_64
default: --> Processing Dependency: libXxf86vm.so.1()(64bit) for package: xorg-x11-utils-7.5-23.amzn2.x86_64
default: --> Processing Dependency: libdmx.so.1()(64bit) for package: xorg-x11-utils-7.5-23.amzn2.x86_64
default: --> Processing Dependency: libxcb-shape.so.0()(64bit) for package: xorg-x11-utils-7.5-23.amzn2.x86_64
default: --> Processing Dependency: libxcb.so.1()(64bit) for package: xorg-x11-utils-7.5-23.amzn2.x86_64
default: --> Running transaction check
default: ---> Package dejavu-sans-fonts.noarch 0:2.33-6.amzn2 will be installed
default: --> Processing Dependency: dejavu-fonts-common = 2.33-6.amzn2 for package: dejavu-sans-fonts-2.33-6.amzn2.noarch
default: ---> Package fontpackages-filesystem.noarch 0:1.44-8.amzn2 will be installed
default: ---> Package fuse.x86_64 0:2.9.2-11.amzn2 will be installed
default: ---> Package glibc.i686 0:2.26-63.amzn2.0.1 will be installed
default: ---> Package libX11.x86_64 0:1.6.7-3.amzn2.0.5 will be installed
default: --> Processing Dependency: libX11-common >= 1.6.7-3.amzn2.0.5 for package: libX11-1.6.7-3.amzn2.0.5.x86_64
default: ---> Package libXext.x86_64 0:1.3.3-3.amzn2.0.2 will be installed
default: ---> Package libXi.x86_64 0:1.7.9-1.amzn2.0.2 will be installed
default: ---> Package libXinerama.x86_64 0:1.1.3-2.1.amzn2.0.2 will be installed
default: ---> Package libXrandr.x86_64 0:1.5.1-2.amzn2.0.3 will be installed
default: ---> Package libXrender.x86_64 0:0.9.10-1.amzn2.0.2 will be installed
default: ---> Package libXtst.x86_64 0:1.2.3-1.amzn2.0.2 will be installed
default: ---> Package libXv.x86_64 0:1.0.11-1.amzn2.0.2 will be installed
default: ---> Package libXxf86dga.x86_64 0:1.1.4-2.1.amzn2.0.2 will be installed
default: ---> Package libXxf86misc.x86_64 0:1.0.3-7.1.amzn2.0.2 will be installed
default: ---> Package libXxf86vm.x86_64 0:1.1.4-1.amzn2.0.2 will be installed
default: ---> Package libdmx.x86_64 0:1.1.3-3.amzn2.0.2 will be installed
default: ---> Package libmspack.x86_64 0:0.5-0.8.alpha.amzn2 will be installed
default: ---> Package libtool-ltdl.x86_64 0:2.4.2-22.2.amzn2.0.2 will be installed
default: ---> Package libxcb.x86_64 0:1.12-1.amzn2.0.2 will be installed
default: --> Processing Dependency: libXau.so.6()(64bit) for package: libxcb-1.12-1.amzn2.0.2.x86_64
default: ---> Package libxslt.x86_64 0:1.1.28-6.amzn2 will be installed
default: ---> Package nspr.i686 0:4.35.0-1.amzn2 will be installed
default: ---> Package nss-pem.i686 0:1.0.3-5.amzn2 will be installed
default: ---> Package nss-softokn.i686 0:3.90.0-6.amzn2 will be installed
default: --> Processing Dependency: nss-softokn-freebl(x86-32) >= 3.90.0-6.amzn2 for package: nss-softokn-3.90.0-6.amzn2.i686
default: --> Processing Dependency: libsqlite3.so.0 for package: nss-softokn-3.90.0-6.amzn2.i686
default: ---> Package nss-util.i686 0:3.90.0-1.amzn2 will be installed
default: ---> Package ttmkfdir.x86_64 0:3.0.9-42.amzn2.0.2 will be installed
default: ---> Package xmlsec1.x86_64 0:1.2.20-7.amzn2.0.1 will be installed
default: ---> Package xmlsec1-openssl.x86_64 0:1.2.20-7.amzn2.0.1 will be installed
default: ---> Package xorg-x11-font-utils.x86_64 1:7.5-21.amzn2 will be installed
default: --> Processing Dependency: libfontenc.so.1()(64bit) for package: 1:xorg-x11-font-utils-7.5-21.amzn2.x86_64
default: --> Running transaction check
default: ---> Package dejavu-fonts-common.noarch 0:2.33-6.amzn2 will be installed
default: ---> Package libX11-common.noarch 0:1.6.7-3.amzn2.0.5 will be installed
default: ---> Package libXau.x86_64 0:1.0.8-2.1.amzn2.0.2 will be installed
default: ---> Package libfontenc.x86_64 0:1.1.3-3.amzn2.0.2 will be installed
default: ---> Package nss-softokn-freebl.i686 0:3.90.0-6.amzn2 will be installed
default: ---> Package sqlite.i686 0:3.7.17-8.amzn2.1.2 will be installed
default: --> Processing Dependency: libncurses.so.6 for package: sqlite-3.7.17-8.amzn2.1.2.i686
default: --> Processing Dependency: libreadline.so.6 for package: sqlite-3.7.17-8.amzn2.1.2.i686
default: --> Processing Dependency: libtinfo.so.6 for package: sqlite-3.7.17-8.amzn2.1.2.i686
default: --> Running transaction check
default: ---> Package ncurses-libs.i686 0:6.0-8.20170212.amzn2.1.7 will be installed
default: ---> Package readline.i686 0:6.2-10.amzn2.0.2 will be installed
default: --> Finished Dependency Resolution
default:
default: Dependencies Resolved
default:
default: ================================================================================
default: Package Arch Version Repository Size
default: ================================================================================
default: Installing:
default: fontconfig x86_64 2.13.0-4.3.amzn2 amzn2-core 253 k
default: ipa-gothic-fonts noarch 003.03-5.amzn2 amzn2-core 3.5 M
default: nss i686 3.90.0-2.amzn2.0.1 amzn2-core 967 k
default: open-vm-tools x86_64 12.3.0-1.amzn2.0.1 amzn2-core 834 k
default: xorg-x11-fonts-100dpi noarch 7.5-9.amzn2 amzn2-core 3.1 M
default: xorg-x11-fonts-75dpi noarch 7.5-9.amzn2 amzn2-core 2.8 M
default: xorg-x11-fonts-Type1 noarch 7.5-9.amzn2 amzn2-core 521 k
default: xorg-x11-fonts-cyrillic noarch 7.5-9.amzn2 amzn2-core 398 k
default: xorg-x11-fonts-misc noarch 7.5-9.amzn2 amzn2-core 5.8 M
default: xorg-x11-utils x86_64 7.5-23.amzn2 amzn2-core 114 k
default: Installing for dependencies:
default: dejavu-fonts-common noarch 2.33-6.amzn2 amzn2-core 64 k
default: dejavu-sans-fonts noarch 2.33-6.amzn2 amzn2-core 1.4 M
default: fontpackages-filesystem noarch 1.44-8.amzn2 amzn2-core 10 k
default: fuse x86_64 2.9.2-11.amzn2 amzn2-core 86 k
default: glibc i686 2.26-63.amzn2.0.1 amzn2-core 4.1 M
default: libX11 x86_64 1.6.7-3.amzn2.0.5 amzn2-core 607 k
default: libX11-common noarch 1.6.7-3.amzn2.0.5 amzn2-core 165 k
default: libXau x86_64 1.0.8-2.1.amzn2.0.2 amzn2-core 29 k
default: libXext x86_64 1.3.3-3.amzn2.0.2 amzn2-core 39 k
default: libXi x86_64 1.7.9-1.amzn2.0.2 amzn2-core 41 k
default: libXinerama x86_64 1.1.3-2.1.amzn2.0.2 amzn2-core 14 k
default: libXrandr x86_64 1.5.1-2.amzn2.0.3 amzn2-core 27 k
default: libXrender x86_64 0.9.10-1.amzn2.0.2 amzn2-core 26 k
default: libXtst x86_64 1.2.3-1.amzn2.0.2 amzn2-core 20 k
default: libXv x86_64 1.0.11-1.amzn2.0.2 amzn2-core 18 k
default: libXxf86dga x86_64 1.1.4-2.1.amzn2.0.2 amzn2-core 19 k
default: libXxf86misc x86_64 1.0.3-7.1.amzn2.0.2 amzn2-core 19 k
default: libXxf86vm x86_64 1.1.4-1.amzn2.0.2 amzn2-core 17 k
default: libdmx x86_64 1.1.3-3.amzn2.0.2 amzn2-core 16 k
default: libfontenc x86_64 1.1.3-3.amzn2.0.2 amzn2-core 31 k
default: libmspack x86_64 0.5-0.8.alpha.amzn2 amzn2-core 62 k
default: libtool-ltdl x86_64 2.4.2-22.2.amzn2.0.2 amzn2-core 49 k
default: libxcb x86_64 1.12-1.amzn2.0.2 amzn2-core 216 k
default: libxslt x86_64 1.1.28-6.amzn2 amzn2-core 240 k
default: ncurses-libs i686 6.0-8.20170212.amzn2.1.7 amzn2-core 323 k
default: nspr i686 4.35.0-1.amzn2 amzn2-core 136 k
default: nss-pem i686 1.0.3-5.amzn2 amzn2-core 78 k
default: nss-softokn i686 3.90.0-6.amzn2 amzn2-core 416 k
default: nss-softokn-freebl i686 3.90.0-6.amzn2 amzn2-core 345 k
default: nss-util i686 3.90.0-1.amzn2 amzn2-core 82 k
default: readline i686 6.2-10.amzn2.0.2 amzn2-core 199 k
default: sqlite i686 3.7.17-8.amzn2.1.2 amzn2-core 422 k
default: ttmkfdir x86_64 3.0.9-42.amzn2.0.2 amzn2-core 50 k
default: xmlsec1 x86_64 1.2.20-7.amzn2.0.1 amzn2-core 180 k
default: xmlsec1-openssl x86_64 1.2.20-7.amzn2.0.1 amzn2-core 78 k
default: xorg-x11-font-utils x86_64 1:7.5-21.amzn2 amzn2-core 103 k
default:
default: Transaction Summary
default: ================================================================================
default: Install 10 Packages (+36 Dependent packages)
default:
default: Total download size: 28 M
default: Installed size: 57 M
default: Downloading packages:
default: --------------------------------------------------------------------------------
default: Total 3.9 MB/s | 28 MB 00:07
default: Running transaction check
default: Running transaction test
default: Transaction test succeeded
default: Running transaction
default: Installing : fontpackages-filesystem-1.44-8.amzn2.noarch 1/46
default: Installing : glibc-2.26-63.amzn2.0.1.i686 2/46
default: Installing : libtool-ltdl-2.4.2-22.2.amzn2.0.2.x86_64 3/46
default: Installing : libxslt-1.1.28-6.amzn2.x86_64 4/46
default: Installing : xmlsec1-1.2.20-7.amzn2.0.1.x86_64 5/46
default: Installing : xmlsec1-openssl-1.2.20-7.amzn2.0.1.x86_64 6/46
default: Installing : ttmkfdir-3.0.9-42.amzn2.0.2.x86_64 7/46
default: Installing : libmspack-0.5-0.8.alpha.amzn2.x86_64 8/46
default: Installing : fuse-2.9.2-11.amzn2.x86_64 9/46
default: Installing : libXau-1.0.8-2.1.amzn2.0.2.x86_64 10/46
default: Installing : libxcb-1.12-1.amzn2.0.2.x86_64 11/46
default: Installing : libfontenc-1.1.3-3.amzn2.0.2.x86_64 12/46
default: Installing : 1:xorg-x11-font-utils-7.5-21.amzn2.x86_64 13/46
default: Installing : dejavu-fonts-common-2.33-6.amzn2.noarch 14/46
default: Installing : dejavu-sans-fonts-2.33-6.amzn2.noarch 15/46
default: Installing : fontconfig-2.13.0-4.3.amzn2.x86_64 16/46
default: Installing : libX11-common-1.6.7-3.amzn2.0.5.noarch 17/46
default: Installing : libX11-1.6.7-3.amzn2.0.5.x86_64 18/46
default: Installing : libXext-1.3.3-3.amzn2.0.2.x86_64 19/46
default: Installing : libXi-1.7.9-1.amzn2.0.2.x86_64 20/46
default: Installing : libXrender-0.9.10-1.amzn2.0.2.x86_64 21/46
default: Installing : libXrandr-1.5.1-2.amzn2.0.3.x86_64 22/46
default: Installing : libXtst-1.2.3-1.amzn2.0.2.x86_64 23/46
default: Installing : libXxf86vm-1.1.4-1.amzn2.0.2.x86_64 24/46
default: Installing : libXinerama-1.1.3-2.1.amzn2.0.2.x86_64 25/46
default: Installing : libdmx-1.1.3-3.amzn2.0.2.x86_64 26/46
default: Installing : libXxf86misc-1.0.3-7.1.amzn2.0.2.x86_64 27/46
default: Installing : libXv-1.0.11-1.amzn2.0.2.x86_64 28/46
default: Installing : libXxf86dga-1.1.4-2.1.amzn2.0.2.x86_64 29/46
default: Installing : xorg-x11-utils-7.5-23.amzn2.x86_64 30/46
default: Installing : xorg-x11-fonts-misc-7.5-9.amzn2.noarch 31/46
default: Installing : xorg-x11-fonts-Type1-7.5-9.amzn2.noarch 32/46
default: Installing : xorg-x11-fonts-100dpi-7.5-9.amzn2.noarch 33/46
default: Installing : xorg-x11-fonts-75dpi-7.5-9.amzn2.noarch 34/46
default: Installing : xorg-x11-fonts-cyrillic-7.5-9.amzn2.noarch 35/46
default: Installing : open-vm-tools-12.3.0-1.amzn2.0.1.x86_64 36/46
default: Installing : ipa-gothic-fonts-003.03-5.amzn2.noarch 37/46
default: Installing : nspr-4.35.0-1.amzn2.i686 38/46
default: Installing : nss-util-3.90.0-1.amzn2.i686 39/46
default: Installing : ncurses-libs-6.0-8.20170212.amzn2.1.7.i686 40/46
default: Installing : readline-6.2-10.amzn2.0.2.i686 41/46
default: Installing : sqlite-3.7.17-8.amzn2.1.2.i686 42/46
default: Installing : nss-softokn-freebl-3.90.0-6.amzn2.i686 43/46
default: Installing : nss-softokn-3.90.0-6.amzn2.i686 44/46
default: Installing : nss-pem-1.0.3-5.amzn2.i686 45/46
default: Installing : nss-3.90.0-2.amzn2.0.1.i686 46/46
default: Verifying : ttmkfdir-3.0.9-42.amzn2.0.2.x86_64 1/46
default: Verifying : libXxf86vm-1.1.4-1.amzn2.0.2.x86_64 2/46
default: Verifying : fontpackages-filesystem-1.44-8.amzn2.noarch 3/46
default: Verifying : sqlite-3.7.17-8.amzn2.1.2.i686 4/46
default: Verifying : nss-softokn-3.90.0-6.amzn2.i686 5/46
default: Verifying : libXinerama-1.1.3-2.1.amzn2.0.2.x86_64 6/46
default: Verifying : libXrandr-1.5.1-2.amzn2.0.3.x86_64 7/46
default: Verifying : libdmx-1.1.3-3.amzn2.0.2.x86_64 8/46
default: Verifying : libXext-1.3.3-3.amzn2.0.2.x86_64 9/46
default: Verifying : xorg-x11-utils-7.5-23.amzn2.x86_64 10/46
default: Verifying : xorg-x11-fonts-misc-7.5-9.amzn2.noarch 11/46
default: Verifying : xorg-x11-fonts-100dpi-7.5-9.amzn2.noarch 12/46
default: Verifying : libmspack-0.5-0.8.alpha.amzn2.x86_64 13/46
default: Verifying : libxcb-1.12-1.amzn2.0.2.x86_64 14/46
default: Verifying : libXxf86misc-1.0.3-7.1.amzn2.0.2.x86_64 15/46
default: Verifying : dejavu-fonts-common-2.33-6.amzn2.noarch 16/46
default: Verifying : nss-3.90.0-2.amzn2.0.1.i686 17/46
default: Verifying : nss-pem-1.0.3-5.amzn2.i686 18/46
default: Verifying : glibc-2.26-63.amzn2.0.1.i686 19/46
default: Verifying : fuse-2.9.2-11.amzn2.x86_64 20/46
default: Verifying : xorg-x11-fonts-Type1-7.5-9.amzn2.noarch 21/46
default: Verifying : 1:xorg-x11-font-utils-7.5-21.amzn2.x86_64 22/46
default: Verifying : libXrender-0.9.10-1.amzn2.0.2.x86_64 23/46
default: Verifying : libX11-common-1.6.7-3.amzn2.0.5.noarch 24/46
default: Verifying : libtool-ltdl-2.4.2-22.2.amzn2.0.2.x86_64 25/46
default: Verifying : readline-6.2-10.amzn2.0.2.i686 26/46
default: Verifying : dejavu-sans-fonts-2.33-6.amzn2.noarch 27/46
default: Verifying : xmlsec1-openssl-1.2.20-7.amzn2.0.1.x86_64 28/46
default: Verifying : ncurses-libs-6.0-8.20170212.amzn2.1.7.i686 29/46
default: Verifying : fontconfig-2.13.0-4.3.amzn2.x86_64 30/46
default: Verifying : open-vm-tools-12.3.0-1.amzn2.0.1.x86_64 31/46
default: Verifying : libXv-1.0.11-1.amzn2.0.2.x86_64 32/46
default: Verifying : libX11-1.6.7-3.amzn2.0.5.x86_64 33/46
default: Verifying : nspr-4.35.0-1.amzn2.i686 34/46
default: Verifying : xmlsec1-1.2.20-7.amzn2.0.1.x86_64 35/46
default: Verifying : libXi-1.7.9-1.amzn2.0.2.x86_64 36/46
default: Verifying : libXau-1.0.8-2.1.amzn2.0.2.x86_64 37/46
default: Verifying : xorg-x11-fonts-75dpi-7.5-9.amzn2.noarch 38/46
default: Verifying : libfontenc-1.1.3-3.amzn2.0.2.x86_64 39/46
default: Verifying : libxslt-1.1.28-6.amzn2.x86_64 40/46
default: Verifying : libXtst-1.2.3-1.amzn2.0.2.x86_64 41/46
default: Verifying : nss-softokn-freebl-3.90.0-6.amzn2.i686 42/46
default: Verifying : xorg-x11-fonts-cyrillic-7.5-9.amzn2.noarch 43/46
default: Verifying : ipa-gothic-fonts-003.03-5.amzn2.noarch 44/46
default: Verifying : libXxf86dga-1.1.4-2.1.amzn2.0.2.x86_64 45/46
default: Verifying : nss-util-3.90.0-1.amzn2.i686 46/46
default:
default: Installed:
default: fontconfig.x86_64 0:2.13.0-4.3.amzn2
default: ipa-gothic-fonts.noarch 0:003.03-5.amzn2
default: nss.i686 0:3.90.0-2.amzn2.0.1
default: open-vm-tools.x86_64 0:12.3.0-1.amzn2.0.1
default: xorg-x11-fonts-100dpi.noarch 0:7.5-9.amzn2
default: xorg-x11-fonts-75dpi.noarch 0:7.5-9.amzn2
default: xorg-x11-fonts-Type1.noarch 0:7.5-9.amzn2
default: xorg-x11-fonts-cyrillic.noarch 0:7.5-9.amzn2
default: xorg-x11-fonts-misc.noarch 0:7.5-9.amzn2
default: xorg-x11-utils.x86_64 0:7.5-23.amzn2
default:
default: Dependency Installed:
default: dejavu-fonts-common.noarch 0:2.33-6.amzn2
default: dejavu-sans-fonts.noarch 0:2.33-6.amzn2
default: fontpackages-filesystem.noarch 0:1.44-8.amzn2
default: fuse.x86_64 0:2.9.2-11.amzn2
default: glibc.i686 0:2.26-63.amzn2.0.1
default: libX11.x86_64 0:1.6.7-3.amzn2.0.5
default: libX11-common.noarch 0:1.6.7-3.amzn2.0.5
default: libXau.x86_64 0:1.0.8-2.1.amzn2.0.2
default: libXext.x86_64 0:1.3.3-3.amzn2.0.2
default: libXi.x86_64 0:1.7.9-1.amzn2.0.2
default: libXinerama.x86_64 0:1.1.3-2.1.amzn2.0.2
default: libXrandr.x86_64 0:1.5.1-2.amzn2.0.3
default: libXrender.x86_64 0:0.9.10-1.amzn2.0.2
default: libXtst.x86_64 0:1.2.3-1.amzn2.0.2
default: libXv.x86_64 0:1.0.11-1.amzn2.0.2
default: libXxf86dga.x86_64 0:1.1.4-2.1.amzn2.0.2
default: libXxf86misc.x86_64 0:1.0.3-7.1.amzn2.0.2
default: libXxf86vm.x86_64 0:1.1.4-1.amzn2.0.2
default: libdmx.x86_64 0:1.1.3-3.amzn2.0.2
default: libfontenc.x86_64 0:1.1.3-3.amzn2.0.2
default: libmspack.x86_64 0:0.5-0.8.alpha.amzn2
default: libtool-ltdl.x86_64 0:2.4.2-22.2.amzn2.0.2
default: libxcb.x86_64 0:1.12-1.amzn2.0.2
default: libxslt.x86_64 0:1.1.28-6.amzn2
default: ncurses-libs.i686 0:6.0-8.20170212.amzn2.1.7
default: nspr.i686 0:4.35.0-1.amzn2
default: nss-pem.i686 0:1.0.3-5.amzn2
default: nss-softokn.i686 0:3.90.0-6.amzn2
default: nss-softokn-freebl.i686 0:3.90.0-6.amzn2
default: nss-util.i686 0:3.90.0-1.amzn2
default: readline.i686 0:6.2-10.amzn2.0.2
default: sqlite.i686 0:3.7.17-8.amzn2.1.2
default: ttmkfdir.x86_64 0:3.0.9-42.amzn2.0.2
default: xmlsec1.x86_64 0:1.2.20-7.amzn2.0.1
default: xmlsec1-openssl.x86_64 0:1.2.20-7.amzn2.0.1
default: xorg-x11-font-utils.x86_64 1:7.5-21.amzn2
default:
default: Complete!
default: 10/01/2024 14:36:03 INFO: Starting Wazuh installation assistant. Wazuh version: 4.7.2
default: 10/01/2024 14:36:03 INFO: Verbose logging redirected to /var/log/wazuh-install.log
default: 10/01/2024 14:36:09 INFO: Verifying that your system meets the recommended minimum hardware requirements.
default: 10/01/2024 14:36:09 INFO: Wazuh web interface port will be 443.
default: 10/01/2024 14:36:11 INFO: Wazuh development repository added.
default: 10/01/2024 14:36:11 INFO: --- Configuration files ---
default: 10/01/2024 14:36:11 INFO: Generating configuration files.
default: 10/01/2024 14:36:12 INFO: Created wazuh-install-files.tar. It contains the Wazuh cluster key, certificates, and passwords necessary for installation.
default: 10/01/2024 14:36:12 INFO: --- Wazuh indexer ---
default: 10/01/2024 14:36:12 INFO: Starting Wazuh indexer installation.
default: 10/01/2024 14:38:16 INFO: Wazuh indexer installation finished.
default: 10/01/2024 14:38:16 INFO: Wazuh indexer post-install configuration finished.
default: 10/01/2024 14:38:16 INFO: Starting service wazuh-indexer.
default: 10/01/2024 14:38:27 INFO: wazuh-indexer service started.
default: 10/01/2024 14:38:27 INFO: Initializing Wazuh indexer cluster security settings.
default: 10/01/2024 14:38:37 WARNING: The Wazuh indexer cluster ISM policy could not be created.
default: 10/01/2024 14:38:37 INFO: Wazuh indexer cluster initialized.
default: 10/01/2024 14:38:37 INFO: --- Wazuh server ---
default: 10/01/2024 14:38:37 INFO: Starting the Wazuh manager installation.
default: 10/01/2024 14:39:17 INFO: Wazuh manager installation finished.
default: 10/01/2024 14:39:17 INFO: Starting service wazuh-manager.
default: 10/01/2024 14:39:31 INFO: wazuh-manager service started.
default: 10/01/2024 14:39:31 INFO: Starting Filebeat installation.
default: 10/01/2024 14:39:41 INFO: Filebeat installation finished.
default: 10/01/2024 14:39:42 INFO: Filebeat post-install configuration finished.
default: 10/01/2024 14:39:42 INFO: Starting service filebeat.
default: 10/01/2024 14:39:43 INFO: filebeat service started.
default: 10/01/2024 14:39:43 INFO: --- Wazuh dashboard ---
default: 10/01/2024 14:39:43 INFO: Starting Wazuh dashboard installation.
default: 10/01/2024 14:40:55 INFO: Wazuh dashboard installation finished.
default: 10/01/2024 14:40:55 INFO: Wazuh dashboard post-install configuration finished.
default: 10/01/2024 14:40:55 INFO: Starting service wazuh-dashboard.
default: 10/01/2024 14:40:55 INFO: wazuh-dashboard service started.
default: 10/01/2024 14:41:00 INFO: Updating the internal users.
default: 10/01/2024 14:41:01 INFO: A backup of the internal users has been saved in the /etc/wazuh-indexer/internalusers-backup folder.
default: 10/01/2024 14:41:11 INFO: Initializing Wazuh dashboard web application.
default: 10/01/2024 14:41:11 INFO: Wazuh dashboard web application not yet initialized. Waiting...
default: 10/01/2024 14:41:27 INFO: Wazuh dashboard web application not yet initialized. Waiting...
default: 10/01/2024 14:41:42 INFO: Wazuh dashboard web application initialized.
default: 10/01/2024 14:41:42 INFO: --- Summary ---
default: 10/01/2024 14:41:42 INFO: You can access the web interface https://<wazuh-dashboard-ip>:443
default: User: admin
default: Password: admin
default: 10/01/2024 14:41:42 INFO: Installation finished.
default: Loaded plugins: langpacks, priorities, update-motd
default: Cleaning repos: amzn2-core amzn2extra-docker wazuh
default: Cleaning up everything
default: Maybe you want: rm -rf /var/cache/yum, to also free up space taken by orphaned data from disabled or removed repos
==> default: Saving VM state and suspending execution...
Exporting ova
0%...10%...20%...30%...40%...50%...60%...70%...80%...90%...100%
Successfully exported 1 machine(s).
==> default: Discarding saved state of VM...
==> default: Destroying VM and associated drives...
wazuh-4.7.2.ovf
wazuh-4.7.2-disk001.vmdk
Setting up ova for VMware ESXi
Standarizing OVA
Setting OVA to default
wazuh-4.7.2.ovf
wazuh-4.7.2-disk001.vmdk
OVF extracted
mv: '/home/cbordon/Documents/wazuh/repositorios/wazuh-packages/ova/new-ova/wazuh-4.7.2.ovf' and '/home/cbordon/Documents/wazuh/repositorios/wazuh-packages/ova/new-ova/wazuh-4.7.2.ovf' are the same file
mv: cannot stat '/home/cbordon/Documents/wazuh/repositorios/wazuh-packages/ova/new-ova/*.mf': No such file or directory
Files renamed
OVF Version changed
OVF Size changed
Manifest changed
wazuh-4.7.2.ovf
wazuh-4.7.2-disk-1.vmdk
wazuh-4.7.2.mf
New OVA created
Cleaned temporary directory
Process finished
==> default: VM not created. Moving on...
Update report
A test of the construction of the OVA was carried out with the new AMI using version 4.7.2 of Wazuh and the result was correct:
[root@wazuh-server ~]# ls -la /etc/r*
lrwxrwxrwx 1 root root 10 Mar 8 2023 /etc/rc0.d -> rc.d/rc0.d
lrwxrwxrwx 1 root root 10 Mar 8 2023 /etc/rc1.d -> rc.d/rc1.d
lrwxrwxrwx 1 root root 10 Mar 8 2023 /etc/rc2.d -> rc.d/rc2.d
lrwxrwxrwx 1 root root 10 Mar 8 2023 /etc/rc3.d -> rc.d/rc3.d
lrwxrwxrwx 1 root root 10 Mar 8 2023 /etc/rc4.d -> rc.d/rc4.d
lrwxrwxrwx 1 root root 10 Mar 8 2023 /etc/rc5.d -> rc.d/rc5.d
lrwxrwxrwx 1 root root 10 Mar 8 2023 /etc/rc6.d -> rc.d/rc6.d
lrwxrwxrwx 1 root root 13 Apr 11 2023 /etc/rc.local -> rc.d/rc.local
-rw-r--r-- 1 root root 1787 Jul 26 2018 /etc/request-key.conf
-rw-r--r-- 1 root root 64 Jan 11 12:45 /etc/resolv.conf
-rw-r--r-- 1 root root 1634 Nov 27 2018 /etc/rpc
-rw-r--r-- 1 root root 458 Jun 1 2023 /etc/rsyncd.conf
-rw-r--r-- 1 root root 3232 Feb 7 2023 /etc/rsyslog.conf
-rw-r--r-- 1 root root 966 Sep 22 2022 /etc/rwtab
[root@wazuh-server ~]# ls -la /var/ossec/ruleset/sca/
total 10156
drwxr-x--- 2 root wazuh 4096 Jan 10 17:58 .
drwxr-x--- 5 root wazuh 46 Jan 10 17:58 ..
-rw-r----- 1 root wazuh 207513 Jan 5 22:07 cis_amazon_linux_1.yml.disabled
-rw-r----- 1 root wazuh 236403 Jan 5 22:07 cis_amazon_linux_2.yml
-rw-r----- 1 root wazuh 47977 Jan 5 22:07 cis_apache_24.yml.disabled
-rw-r----- 1 root wazuh 33522 Jan 5 22:07 cis_apple_macOS_10.11.yml.disabled
-rw-r----- 1 root wazuh 30577 Jan 5 22:07 cis_apple_macOS_10.12.yml.disabled
-rw-r----- 1 root wazuh 30101 Jan 5 22:07 cis_apple_macOS_10.13.yml.disabled
-rw-r----- 1 root wazuh 61211 Jan 5 22:07 cis_apple_macOS_10.14.yml.disabled
-rw-r----- 1 root wazuh 65229 Jan 5 22:07 cis_apple_macOS_10.15.yml.disabled
-rw-r----- 1 root wazuh 77375 Jan 5 22:07 cis_apple_macOS_11.1.yml.disabled
-rw-r----- 1 root wazuh 90803 Jan 5 22:07 cis_apple_macOS_12.0.yml.disabled
-rw-r----- 1 root wazuh 181718 Jan 5 22:07 cis_apple_macOS_13.x.yml.disabled
-rw-r----- 1 root wazuh 150869 Jan 5 22:07 cis_apple_macOS_14.0.yml.disabled
-rw-r----- 1 root wazuh 209419 Jan 5 22:07 cis_centos6_linux.yml.disabled
-rw-r----- 1 root wazuh 262843 Jan 5 22:07 cis_centos7_linux.yml.disabled
-rw-r----- 1 root wazuh 232169 Jan 5 22:07 cis_centos8_linux.yml.disabled
-rw-r----- 1 root wazuh 240527 Jan 5 22:07 cis_debian10.yml.disabled
-rw-r----- 1 root wazuh 381099 Jan 5 22:07 cis_debian11.yml.disabled
-rw-r----- 1 root wazuh 342660 Jan 5 22:07 cis_debian12.yml.disabled
-rw-r----- 1 root wazuh 179167 Jan 5 22:07 cis_debian7.yml.disabled
-rw-r----- 1 root wazuh 207081 Jan 5 22:07 cis_debian8.yml.disabled
-rw-r----- 1 root wazuh 206116 Jan 5 22:07 cis_debian9.yml.disabled
-rw-r----- 1 root wazuh 64290 Jan 5 22:07 cis_iis_10.yml.disabled
-rw-r----- 1 root wazuh 19741 Jan 5 22:07 cis_mongodb_36.yml.disabled
-rw-r----- 1 root wazuh 21621 Jan 5 22:07 cis_mysql5-6_community.yml.disabled
-rw-r----- 1 root wazuh 27694 Jan 5 22:07 cis_mysql5-6_enterprise.yml.disabled
-rw-r----- 1 root wazuh 69550 Jan 5 22:07 cis_nginx_1.yml.disabled
-rw-r----- 1 root wazuh 206980 Jan 5 22:07 cis_oracle_database_19c.yml.disabled
-rw-r----- 1 root wazuh 50578 Jan 5 22:07 cis_postgre-sql-13.yml.disabled
-rw-r----- 1 root wazuh 56850 Jan 5 22:07 cis_rhel5_linux.yml.disabled
-rw-r----- 1 root wazuh 210236 Jan 5 22:07 cis_rhel6_linux.yml.disabled
-rw-r----- 1 root wazuh 256642 Jan 5 22:07 cis_rhel7_linux.yml.disabled
-rw-r----- 1 root wazuh 233313 Jan 5 22:07 cis_rhel8_linux.yml.disabled
-rw-r----- 1 root wazuh 277254 Jan 5 22:07 cis_rhel9_linux.yml.disabled
-rw-r----- 1 root wazuh 60607 Jan 5 22:07 cis_sles11_linux.yml.disabled
-rw-r----- 1 root wazuh 62673 Jan 5 22:07 cis_sles12_linux.yml.disabled
-rw-r----- 1 root wazuh 180651 Jan 5 22:07 cis_sles15_linux.yml.disabled
-rw-r----- 1 root wazuh 80376 Jan 5 22:07 cis_solaris11.4.yml.disabled
-rw-r----- 1 root wazuh 63879 Jan 5 22:07 cis_solaris11.yml.disabled
-rw-r----- 1 root wazuh 35019 Jan 5 22:07 cis_sqlserver_2012.yml.disabled
-rw-r----- 1 root wazuh 34992 Jan 5 22:07 cis_sqlserver_2014.yml.disabled
-rw-r----- 1 root wazuh 34943 Jan 5 22:07 cis_sqlserver_2016.yml.disabled
-rw-r----- 1 root wazuh 35289 Jan 5 22:07 cis_sqlserver_2017.yml.disabled
-rw-r----- 1 root wazuh 33837 Jan 5 22:07 cis_sqlserver_2019.yml.disabled
-rw-r----- 1 root wazuh 206630 Jan 5 22:07 cis_ubuntu14-04.yml.disabled
-rw-r----- 1 root wazuh 206755 Jan 5 22:07 cis_ubuntu16-04.yml.disabled
-rw-r----- 1 root wazuh 246118 Jan 5 22:07 cis_ubuntu18-04.yml.disabled
-rw-r----- 1 root wazuh 396861 Jan 5 22:07 cis_ubuntu20-04.yml.disabled
-rw-r----- 1 root wazuh 328521 Jan 5 22:07 cis_ubuntu22-04.yml.disabled
-rw-r----- 1 root wazuh 678759 Jan 5 22:07 cis_win10_enterprise.yml.disabled
-rw-r----- 1 root wazuh 681902 Jan 5 22:07 cis_win11_enterprise.yml.disabled
-rw-r----- 1 root wazuh 396896 Jan 5 22:07 cis_win2012r2.yml.disabled
-rw-r----- 1 root wazuh 454594 Jan 5 22:07 cis_win2016.yml.disabled
-rw-r----- 1 root wazuh 453939 Jan 5 22:07 cis_win2019.yml.disabled
-rw-r----- 1 root wazuh 627420 Jan 5 22:07 cis_win2022.yml.disabled
-rw-r----- 1 root wazuh 19044 Jan 5 22:07 sca_unix_audit.yml.disabled
-rw-r----- 1 root wazuh 6792 Jan 5 22:07 web_vulnerabilities.yml.disabled
OVA: https://packages-dev.wazuh.com/trash/vm/wazuh-4.7.2.ova
OVA Build: https://ci.wazuh.info/view/Packages/job/Packages_Builder_OVA/328/console
Description
It was found that Wazuh OVA has the wrong SCA policy enabled, using cis_rhel9_linux.yml instead of cis_amazon_linux_2.yaml since it's running on Amazon Linux 2.
This can be seen by listing the SCA policy files on a fresh-new OVA:
[root@wazuh-server wazuh-user]# ll /var/ossec/ruleset/sca/
total 9112
-rw-r----- 1 root wazuh 207513 Nov 23 16:02 cis_amazon_linux_1.yml.disabled
-rw-r----- 1 root wazuh 236403 Nov 23 16:02 cis_amazon_linux_2.yml.disabled
-rw-r----- 1 root wazuh 47977 Nov 23 16:02 cis_apache_24.yml.disabled
-rw-r----- 1 root wazuh 33522 Nov 23 16:02 cis_apple_macOS_10.11.yml.disabled
-rw-r----- 1 root wazuh 30577 Nov 23 16:02 cis_apple_macOS_10.12.yml.disabled
-rw-r----- 1 root wazuh 30101 Nov 23 16:02 cis_apple_macOS_10.13.yml.disabled
-rw-r----- 1 root wazuh 61211 Nov 23 16:02 cis_apple_macOS_10.14.yml.disabled
-rw-r----- 1 root wazuh 65229 Nov 23 16:02 cis_apple_macOS_10.15.yml.disabled
-rw-r----- 1 root wazuh 77375 Nov 23 16:02 cis_apple_macOS_11.1.yml.disabled
-rw-r----- 1 root wazuh 90803 Nov 23 16:02 cis_apple_macOS_12.0.yml.disabled
-rw-r----- 1 root wazuh 209419 Nov 23 16:02 cis_centos6_linux.yml.disabled
-rw-r----- 1 root wazuh 262843 Nov 23 16:02 cis_centos7_linux.yml.disabled
-rw-r----- 1 root wazuh 232169 Nov 23 16:02 cis_centos8_linux.yml.disabled
-rw-r----- 1 root wazuh 240527 Nov 23 16:02 cis_debian10.yml.disabled
-rw-r----- 1 root wazuh 179167 Nov 23 16:02 cis_debian7.yml.disabled
-rw-r----- 1 root wazuh 207081 Nov 23 16:02 cis_debian8.yml.disabled
-rw-r----- 1 root wazuh 206116 Nov 23 16:02 cis_debian9.yml.disabled
-rw-r----- 1 root wazuh 64290 Nov 23 16:02 cis_iis_10.yml.disabled
-rw-r----- 1 root wazuh 19741 Nov 23 16:02 cis_mongodb_36.yml.disabled
-rw-r----- 1 root wazuh 21621 Nov 23 16:02 cis_mysql5-6_community.yml.disabled
-rw-r----- 1 root wazuh 27694 Nov 23 16:02 cis_mysql5-6_enterprise.yml.disabled
-rw-r----- 1 root wazuh 69550 Nov 23 16:02 cis_nginx_1.yml.disabled
-rw-r----- 1 root wazuh 206980 Nov 23 16:02 cis_oracle_database_19c.yml.disabled
-rw-r----- 1 root wazuh 50578 Nov 23 16:02 cis_postgre-sql-13.yml.disabled
-rw-r----- 1 root wazuh 56850 Nov 23 16:02 cis_rhel5_linux.yml.disabled
-rw-r----- 1 root wazuh 210236 Nov 23 16:02 cis_rhel6_linux.yml.disabled
-rw-r----- 1 root wazuh 256642 Nov 23 16:02 cis_rhel7_linux.yml.disabled
-rw-r----- 1 root wazuh 233313 Nov 23 16:02 cis_rhel8_linux.yml.disabled
-rw-r----- 1 root wazuh 277254 Nov 23 16:02 cis_rhel9_linux.yml
-rw-r----- 1 root wazuh 60607 Nov 23 16:02 cis_sles11_linux.yml.disabled
-rw-r----- 1 root wazuh 62673 Nov 23 16:02 cis_sles12_linux.yml.disabled
-rw-r----- 1 root wazuh 180651 Nov 23 16:02 cis_sles15_linux.yml.disabled
-rw-r----- 1 root wazuh 80376 Nov 23 16:02 cis_solaris11.4.yml.disabled
-rw-r----- 1 root wazuh 63879 Nov 23 16:02 cis_solaris11.yml.disabled
-rw-r----- 1 root wazuh 35019 Nov 23 16:02 cis_sqlserver_2012.yml.disabled
-rw-r----- 1 root wazuh 34992 Nov 23 16:02 cis_sqlserver_2014.yml.disabled
-rw-r----- 1 root wazuh 34943 Nov 23 16:02 cis_sqlserver_2016.yml.disabled
-rw-r----- 1 root wazuh 35289 Nov 23 16:02 cis_sqlserver_2017.yml.disabled
-rw-r----- 1 root wazuh 33837 Nov 23 16:02 cis_sqlserver_2019.yml.disabled
-rw-r----- 1 root wazuh 206630 Nov 23 16:02 cis_ubuntu14-04.yml.disabled
-rw-r----- 1 root wazuh 206755 Nov 23 16:02 cis_ubuntu16-04.yml.disabled
-rw-r----- 1 root wazuh 246118 Nov 23 16:02 cis_ubuntu18-04.yml.disabled
-rw-r----- 1 root wazuh 396861 Nov 23 16:02 cis_ubuntu20-04.yml.disabled
-rw-r----- 1 root wazuh 328521 Nov 23 16:02 cis_ubuntu22-04.yml.disabled
-rw-r----- 1 root wazuh 678759 Nov 23 16:02 cis_win10_enterprise.yml.disabled
-rw-r----- 1 root wazuh 681902 Nov 23 16:02 cis_win11_enterprise.yml.disabled
-rw-r----- 1 root wazuh 396896 Nov 23 16:02 cis_win2012r2.yml.disabled
-rw-r----- 1 root wazuh 454594 Nov 23 16:02 cis_win2016.yml.disabled
-rw-r----- 1 root wazuh 453939 Nov 23 16:02 cis_win2019.yml.disabled
-rw-r----- 1 root wazuh 627420 Nov 23 16:02 cis_win2022.yml.disabled
-rw-r----- 1 root wazuh 19044 Nov 23 16:02 sca_unix_audit.yml.disabled
-rw-r----- 1 root wazuh 6792 Nov 23 16:02 web_vulnerabilities.yml.disabled
The /etc/os-release file content:
RCA
After unsuccessfully trying to reproduce it on an Amazon Linux 2 box and installing the Wazuh Manager or Wazuh Central Components, it was found that the reason for this is because the Wazuh OVA (both base OVA and final OVA) has a file /etc/redhat-release.
This causes wrong handling during RPM installation, leading to "detect" the OS as rhel:
wazuh-packages/rpms/SPECS/wazuh-manager.spec
Lines 344 to 351 in ab7ec2e
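A check for the condition this issue describes, as an added example that is not part of the issue or of Wazuh's code: it compares the policy enabled under /var/ossec/ruleset/sca/ with the one expected from /etc/os-release and notes a stray /etc/redhat-release on a non-RHEL image. The function names, the root argument and the amzn/2 os-release values are assumptions; only the Amazon Linux 2 to cis_amazon_linux_2.yml pairing comes from the page, and the check assumes exactly one policy should be enabled, as in the listings above.

```shell
#!/bin/sh
# Added example, not Wazuh code. Every function takes a filesystem root to
# inspect: "/" on a live appliance, or a mounted or constructed image tree.

# Read one KEY=value field from an os-release file, stripping quotes.
os_field() {
    sed -n "s/^$2=//p" "$1" | tr -d '"' | head -n 1
}

# Expected SCA policy for the OS. Only the Amazon Linux 2 pairing is taken
# from the issue; extend the case statement for other images (assumption).
expected_sca_policy() {
    id=$(os_field "$1/etc/os-release" ID)
    ver=$(os_field "$1/etc/os-release" VERSION_ID)
    case "$id:$ver" in
        amzn:2) echo "cis_amazon_linux_2.yml" ;;
        *)      echo "unknown" ;;
    esac
}

# Enabled policies are the files that still end in .yml; disabled ones
# carry the .yml.disabled suffix, as in the listings above.
enabled_sca_policies() {
    for f in "$1"/var/ossec/ruleset/sca/*.yml; do
        if [ -e "$f" ]; then basename "$f"; fi
    done
}

# Print a one-line verdict. Returns 0 on match, 1 on mismatch, 2 if unmapped.
check_sca_policy() {
    root=$1
    expected=$(expected_sca_policy "$root")
    if [ "$expected" = "unknown" ]; then
        echo "UNMAPPED os"; return 2
    fi
    enabled=$(enabled_sca_policies "$root" | tr '\n' ' ' | sed 's/ $//')
    if [ "$enabled" = "$expected" ]; then
        echo "OK enabled=$enabled"; return 0
    fi
    note=""
    # The RCA above: /etc/redhat-release present although os-release is not RHEL.
    if [ -e "$root/etc/redhat-release" ] &&
       [ "$(os_field "$root/etc/os-release" ID)" != "rhel" ]; then
        note=" stray=/etc/redhat-release"
    fi
    echo "MISMATCH expected=$expected enabled=$enabled$note"
    return 1
}
```

Run `check_sca_policy /` as root on the appliance, or point it at a mounted image before export so the mismatch is caught in the build rather than after release.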