{"id":805,"date":"2018-10-18T14:14:16","date_gmt":"2018-10-18T14:14:16","guid":{"rendered":"https:\/\/www.nicktailor.com\/?p=805"},"modified":"2020-06-17T08:12:13","modified_gmt":"2020-06-17T08:12:13","slug":"how-to-deploy-wazuh-agnet-with-ansible","status":"publish","type":"post","link":"https:\/\/nicktailor.com\/tech-blog\/how-to-deploy-wazuh-agnet-with-ansible\/","title":{"rendered":"How to deploy wazuh-agent with Ansible"},"content":{"rendered":"<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28;\"><strong><span style=\"text-decoration: underline;\">Note<\/span>: For windows ports 5986 and 1515 must be open along with configureansiblescript.ps(powershell script) must have been setup for ansible to be able to communicate and deploy the wazuh-agent to windows machines.<\/strong><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28;\"><span style=\"display: inline-block; height: 1em;\"><span style=\"display: none;\">.<\/span><\/span><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28;\">In order to deploy the wazuh-agent to a large group of servers that span windows, ubuntu, centos type distros with ansible. Some tweaks need to be made on the wazuh manager and ansible server<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28;\"><span style=\"display: inline-block; height: 1em;\"><span style=\"display: none;\">.<\/span><\/span><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28;\"><em>This is done on the <\/em><strong><em>wazuh-manager<\/em><\/strong><em> server<\/em><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28;\"><em>\/var\/ossec\/etc\/ossec.conf \u2013 inside this file the following need to be edited for registrations to have the proper ip of the hosts being registered<\/em><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28;\">&lt;auth&gt;<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28;\">&lt;disabled&gt;no&lt;\/disabled&gt;<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28;\">&lt;port&gt;1515&lt;\/port&gt;<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28;\"><strong> &lt;use_source_ip&gt;yes&lt;\/use_source_ip&gt;<\/strong><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28;\">&lt;force_insert&gt;yes&lt;\/force_insert&gt;<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28;\">&lt;force_time&gt;0&lt;\/force_time&gt;<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28;\">&lt;purge&gt;yes&lt;\/purge&gt;<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28;\">\u00a0\u00a0\u00a0\u00a0<strong>&lt;use_password&gt;yes&lt;\/use_password&gt;<\/strong><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28;\">&lt;limit_maxagents&gt;no&lt;\/limit_maxagents&gt;<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28;\">\u00a0\u00a0\u00a0\u00a0<strong>&lt;ciphers&gt;HIGH:!ADH:!EXP:!MD5:RC4:3DES:!CAMELLIA:@STRENGTH&lt;\/ciphers&gt;<\/strong><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28;\">\u00a0\u00a0\u00a0\u00a0&lt;!&#8211; &lt;ssl_agent_ca&gt;&lt;\/ssl_agent_ca&gt; &#8211;&gt;<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28;\">&lt;ssl_verify_host&gt;no&lt;\/ssl_verify_host&gt;<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28;\">&lt;ssl_manager_cert&gt;\/var\/ossec\/etc\/sslmanager.cert&lt;\/ssl_manager_cert&gt;<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28;\">&lt;ssl_manager_key&gt;\/var\/ossec\/etc\/sslmanager.key&lt;\/ssl_manager_key&gt;<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28;\">&lt;ssl_auto_negotiate&gt;yes&lt;\/ssl_auto_negotiate&gt;<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28;\">&lt;\/auth&gt;<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28;\">To enable authd on wazuh-manager<\/p>\n<div class=\"ul\" style=\"margin: 0;\">\n<div class=\"li\" style=\"margin: 0;\">\n<div style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 36pt;\"><span style=\"display: inline-block; position: relative; text-indent: -18pt; font-style: italic;\"><span style=\"position: absolute; top: -0.34em; left: 0; font-size: 2em;\">\u2022<\/span>\u00a0<\/span><em>\/var\/ossec\/bin\/ossec-control enable authd<\/em><\/div>\n<\/div>\n<\/div>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28;\">Now on your ansible server<\/p>\n<div class=\"ol\" style=\"margin: 0;\">\n<div class=\"li\" style=\"margin: 0;\">\n<div style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 36pt;\"><span style=\"display: inline-block; position: relative; text-indent: -18pt;\">1.<\/span>You need to download the git repository with ansible playbooks for wazuh<\/div>\n<\/div>\n<div class=\"li\" style=\"margin: 0;\">\n<div style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 36pt;\"><span style=\"display: inline-block; position: relative; text-indent: -18pt;\">2.<\/span><em>git clone <\/em><a href=\"https:\/\/github.com\/wazuh\/wazuh-ansible\"><em>https:\/\/github.com\/wazuh\/wazuh-ansible<\/em><\/a><em> &lt;&#8211;do this in home directory \/home\/nicktailor<\/em><\/div>\n<\/div>\n<div class=\"li\" style=\"margin: 0;\">\n<div style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 36pt;\"><span style=\"display: inline-block; position: relative; text-indent: -18pt; font-style: italic;\">3.<\/span><em>Next you will see them setup as roles that you would call in your playbook<\/em><\/div>\n<p style=\"text-align: left; margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 36pt;\"><span style=\"display: inline-block; height: 1em;\"><span style=\"display: none;\">.<\/span><\/span><\/p>\n<\/div>\n<\/div>\n<div class=\"ul\" style=\"margin: 0;\">\n<div class=\"li\" style=\"margin: 0;\">\n<div style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 36pt;\"><span style=\"display: inline-block; position: relative; text-indent: -18pt; font-style: italic;\"><span style=\"position: absolute; top: -0.34em; left: 0; font-size: 2em;\">\u2022<\/span>\u00a0<\/span><em>drwxr-x&#8212; 7 root root 97 Sep 21 13:45 ansible-role-elasticsearch<\/em><\/div>\n<\/div>\n<div class=\"li\" style=\"margin: 0;\">\n<div style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 36pt;\"><span style=\"display: inline-block; position: relative; text-indent: -18pt; font-style: italic;\"><span style=\"position: absolute; top: -0.34em; left: 0; font-size: 2em;\">\u2022<\/span>\u00a0<\/span><em>drwxr-x&#8212; 8 root root 110 Sep 21 13:45 ansible-role-filebeat<\/em><\/div>\n<\/div>\n<div class=\"li\" style=\"margin: 0;\">\n<div style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 36pt;\"><span style=\"display: inline-block; position: relative; text-indent: -18pt; font-style: italic;\"><span style=\"position: absolute; top: -0.34em; left: 0; font-size: 2em;\">\u2022<\/span>\u00a0<\/span><em>drwxr-x&#8212; 7 root root 97 Sep 21 13:45 ansible-role-kibana<\/em><\/div>\n<\/div>\n<div class=\"li\" style=\"margin: 0;\">\n<div style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 36pt;\"><span style=\"display: inline-block; position: relative; text-indent: -18pt; font-style: italic;\"><span style=\"position: absolute; top: -0.34em; left: 0; font-size: 2em;\">\u2022<\/span>\u00a0<\/span><em>drwxr-x&#8212; 7 root root 97 Sep 21 13:45 ansible-role-logstash<\/em><\/div>\n<\/div>\n<div class=\"li\" style=\"margin: 0;\">\n<div style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 36pt;\"><span style=\"display: inline-block; position: relative; text-indent: -18pt;\"><span style=\"position: absolute; top: -0.34em; left: 0; font-size: 2em;\">\u2022<\/span>\u00a0<\/span><strong><em>drwxr-x&#8212; 8 root root 109 Sep 21 13:45 ansible-wazuh-agent<\/em><\/strong>\uf0df<strong><em> this is the role one you want to copy to \/etc\/ansible\/roles<\/em><\/strong><\/div>\n<\/div>\n<div class=\"li\" style=\"margin: 0;\">\n<div style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 36pt;\"><span style=\"display: inline-block; position: relative; text-indent: -18pt; font-style: italic;\"><span style=\"position: absolute; top: -0.34em; left: 0; font-size: 2em;\">\u2022<\/span>\u00a0<\/span><em>drwxr-x&#8212; 8 root root 167 Sep 21 13:45 ansible-wazuh-manager<\/em><\/div>\n<\/div>\n<div class=\"li\" style=\"margin: 0;\">\n<div style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 36pt;\"><span style=\"display: inline-block; position: relative; text-indent: -18pt; font-style: italic;\"><span style=\"position: absolute; top: -0.34em; left: 0; font-size: 2em;\">\u2022<\/span>\u00a0<\/span><em>drwxr-x&#8212; 8 root root 163 Sep 21 13:45 .git<\/em><\/div>\n<\/div>\n<div class=\"li\" style=\"margin: 0;\">\n<div style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 36pt;\"><span style=\"display: inline-block; position: relative; text-indent: -18pt; font-style: italic;\"><span style=\"position: absolute; top: -0.34em; left: 0; font-size: 2em;\">\u2022<\/span>\u00a0<\/span><em>-rw-r&#8212;&#8211; 1 root root 163 Sep 21 13:45 .gitignore<\/em><\/div>\n<\/div>\n<div class=\"li\" style=\"margin: 0;\">\n<div style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 36pt;\"><span style=\"display: inline-block; position: relative; text-indent: -18pt; font-style: italic;\"><span style=\"position: absolute; top: -0.34em; left: 0; font-size: 2em;\">\u2022<\/span>\u00a0<\/span><em>drwxr-x&#8212; 2 root root 22 Sep 21 13:45 meta<\/em><\/div>\n<\/div>\n<div class=\"li\" style=\"margin: 0;\">\n<div style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 36pt;\"><span style=\"display: inline-block; position: relative; text-indent: -18pt; font-style: italic;\"><span style=\"position: absolute; top: -0.34em; left: 0; font-size: 2em;\">\u2022<\/span>\u00a0<\/span><em>-rw-r&#8212;&#8211; 1 root root 1060 Sep 21 13:45 README.md<\/em><\/div>\n<\/div>\n<div class=\"li\" style=\"margin: 0;\">\n<div style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 36pt;\"><span style=\"display: inline-block; position: relative; text-indent: -18pt;\"><span style=\"position: absolute; top: -0.34em; left: 0; font-size: 2em;\">\u2022<\/span>\u00a0<\/span><strong><em>-rw-r&#8212;&#8211; 1 root root 350 Sep 21 13:45 wazuh-agent.yml\uf0dfthis is the playbook you want to copy to \/etc\/ansible\/playbooks<\/em><\/strong><\/div>\n<\/div>\n<div class=\"li\" style=\"margin: 0;\">\n<div style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 36pt;\"><span style=\"display: inline-block; position: relative; text-indent: -18pt; font-style: italic;\"><span style=\"position: absolute; top: -0.34em; left: 0; font-size: 2em;\">\u2022<\/span>\u00a0<\/span><em>-rw-r&#8212;&#8211; 1 root root 460 Sep 21 13:45 wazuh-elastic_stack-distributed.yml<\/em><\/div>\n<\/div>\n<div class=\"li\" style=\"margin: 0;\">\n<div style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 36pt;\"><span style=\"display: inline-block; position: relative; text-indent: -18pt; font-style: italic;\"><span style=\"position: absolute; top: -0.34em; left: 0; font-size: 2em;\">\u2022<\/span>\u00a0<\/span><em>-rw-r&#8212;&#8211; 1 root root 322 Sep 21 13:45 wazuh-elastic_stack-single.yml<\/em><\/div>\n<\/div>\n<div class=\"li\" style=\"margin: 0;\">\n<div style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 36pt;\"><span style=\"display: inline-block; position: relative; text-indent: -18pt; font-style: italic;\"><span style=\"position: absolute; top: -0.34em; left: 0; font-size: 2em;\">\u2022<\/span>\u00a0<\/span><em>-rw-r&#8212;&#8211; 1 root root 121 Sep 21 13:45 wazuh-elastic.yml<\/em><\/div>\n<\/div>\n<div class=\"li\" style=\"margin: 0;\">\n<div style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 36pt;\"><span style=\"display: inline-block; position: relative; text-indent: -18pt; font-style: italic;\"><span style=\"position: absolute; top: -0.34em; left: 0; font-size: 2em;\">\u2022<\/span>\u00a0<\/span><em>-rw-r&#8212;&#8211; 1 root root 107 Sep 21 13:45 wazuh-kibana.yml<\/em><\/div>\n<\/div>\n<div class=\"li\" style=\"margin: 0;\">\n<div style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 36pt;\"><span style=\"display: inline-block; position: relative; text-indent: -18pt; font-style: italic;\"><span style=\"position: absolute; top: -0.34em; left: 0; font-size: 2em;\">\u2022<\/span>\u00a0<\/span><em>-rw-r&#8212;&#8211; 1 root root 106 Sep 21 13:45 wazuh-logstash.yml<\/em><\/div>\n<\/div>\n<div class=\"li\" style=\"margin: 0;\">\n<div style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 36pt;\"><span style=\"display: inline-block; position: relative; text-indent: -18pt; font-style: italic;\"><span style=\"position: absolute; top: -0.34em; left: 0; font-size: 2em;\">\u2022<\/span>\u00a0<\/span><em>-rw-r&#8212;&#8211; 1 root root 159 Sep 21 13:45 wazuh-manager.yml<\/em><\/div>\n<\/div>\n<\/div>\n<div class=\"ol\" style=\"margin: 0;\">\n<div class=\"li\" style=\"margin: 0;\">\n<div style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 36pt;\"><span style=\"display: inline-block; position: relative; text-indent: -18pt; font-style: italic;\">4.<\/span><em>You need to copy the role over to your ansible roles directory<\/em><\/div>\n<div class=\"ol\" style=\"margin: 0;\">\n<div class=\"li\" style=\"margin: 0;\">\n<div style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 72pt;\"><span style=\"display: inline-block; position: relative; text-indent: -18pt; font-style: italic;\">a.<\/span><em>cp -r ansible-wazuh-manger \/etc\/ansible\/roles<\/em><\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"li\" style=\"margin: 0;\">\n<div style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 36pt;\"><span style=\"display: inline-block; position: relative; text-indent: -18pt; font-style: italic;\">5.<\/span><em>next copy the playbook to your playbook directory<\/em><\/div>\n<div class=\"ol\" style=\"margin: 0;\">\n<div class=\"li\" style=\"margin: 0;\">\n<div style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 72pt;\"><span style=\"display: inline-block; position: relative; text-indent: -18pt; font-style: italic;\">b.<\/span><em>cp wazuh-agent.yml \/etc\/ansible\/playbooks<\/em><\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"li\" style=\"margin: 0;\">\n<div style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 36pt;\"><span style=\"display: inline-block; position: relative; text-indent: -18pt; font-style: italic;\">6.<\/span><em>Next you need to update the following file with the ip address of the wazuh-manager<\/em><\/div>\n<div class=\"ol\" style=\"margin: 0;\">\n<div class=\"li\" style=\"margin: 0;\">\n<div style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 72pt;\"><span style=\"display: inline-block; position: relative; text-indent: -18pt; font-style: italic;\">c.<\/span><em>\/etc\/ansible\/roles\/ansible-wazuh-agent\/defaults# cat main.yml<\/em><\/div>\n<p style=\"text-align: left; margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 81pt;\"><em>wazuh_managers:<\/em><\/p>\n<p style=\"text-align: left; margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 81pt;\"><em>\u00a0\u00a0<\/em><strong><em>&#8211; address: 10.79.240.160<\/em><\/strong><\/p>\n<p style=\"text-align: left; margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 81pt;\"><em> port: 1514<\/em><\/p>\n<p style=\"text-align: left; margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 81pt;\"><em> protocol: tcp<\/em><\/p>\n<p style=\"text-align: left; margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 81pt;\"><em>\u00a0\u00a0\u00a0\u00a0api_port: 55000<\/em><\/p>\n<p style=\"text-align: left; margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 81pt;\"><em>\u00a0\u00a0\u00a0\u00a0api_proto: &#8216;http&#8217;<\/em><\/p>\n<p style=\"text-align: left; margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 81pt;\"><em>\u00a0\u00a0\u00a0\u00a0api_user: null<\/em><\/p>\n<p style=\"text-align: left; margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 81pt;\"><em>wazuh_profile: null<\/em><\/p>\n<p style=\"text-align: left; margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 81pt;\"><em>wazuh_auto_restart: &#8216;yes&#8217;<\/em><\/p>\n<p style=\"text-align: left; margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 81pt;\"><em>wazuh_agent_authd:<\/em><\/p>\n<p style=\"text-align: left; margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 81pt;\"><strong><em>\u00a0\u00a0enable: true<\/em><\/strong><\/p>\n<p style=\"text-align: left; margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 81pt;\"><em> port: 1515<\/em><\/p>\n<p style=\"text-align: left; margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 81pt;\">Next section in <em>main.yml<\/em><\/p>\n<p style=\"text-align: left; margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 81pt;\"><em>\u00a0\u00a0openscap:<\/em><\/p>\n<p style=\"text-align: left; margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 81pt;\"><em>\u00a0\u00a0\u00a0\u00a0<\/em><strong><em>disable: &#8216;no&#8217;<\/em><\/strong><\/p>\n<p style=\"text-align: left; margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 81pt;\"><em> timeout: 1800<\/em><\/p>\n<p style=\"text-align: left; margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 81pt;\"><em> interval: &#8216;1d&#8217;<\/em><\/p>\n<p style=\"text-align: left; margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 81pt;\"><em>\u00a0\u00a0\u00a0\u00a0scan_on_start: &#8216;yes&#8217;<\/em><\/p>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"li\" style=\"margin: 0;\">\n<div style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 36pt;\"><span style=\"display: inline-block; position: relative; text-indent: -18pt; font-style: italic;\">7.<\/span><em>Now you need to add the password you setup on the wazuh-manager for the api user to the ansible authd section:<\/em><\/div>\n<div class=\"ol\" style=\"margin: 0;\">\n<div class=\"li\" style=\"margin: 0;\">\n<div style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 72pt;\"><span style=\"display: inline-block; position: relative; text-indent: -18pt; font-style: italic;\">d.<\/span><em>\/etc\/ansible\/roles\/ansible-wazuh-agent\/vars# cat authd_pass.yml <\/em><\/div>\n<\/div>\n<\/div>\n<p style=\"text-align: left; margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 36pt;\"><strong><em># We recommend the use of Ansible Vault to protect Wazuh, api, agentless and authd credentials.<\/em><\/strong><\/p>\n<p style=\"text-align: left; margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 36pt;\"><strong><em>authd_pass: &#8216;password&#8217;<\/em><\/strong><\/p>\n<div class=\"ol\" style=\"margin: 0;\">\n<div class=\"li\" style=\"margin: 0;\">\n<div style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 72pt;\"><span style=\"display: inline-block; position: relative; text-indent: -18pt;\">e.<\/span>Save the file authd_pass.yml<\/div>\n<p style=\"text-align: left; margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 72pt;\"><span style=\"display: inline-block; height: 1em;\"><span style=\"display: none;\">.<\/span><\/span><\/p>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"li\" style=\"margin: 0;\">\n<div style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 36pt;\"><span style=\"display: inline-block; position: relative; text-indent: -18pt;\">8.<\/span>Next you need to have the hosts listed in your hosts file in ansible \/etc\/ansible\/hosts-whatever<\/div>\n<div class=\"ol\" style=\"margin: 0;\">\n<div class=\"li\" style=\"margin: 0;\">\n<div style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 72pt;\"><span style=\"display: inline-block; position: relative; text-indent: -18pt;\">f.<\/span>Not that for windows machines you will need to ensure the are also listed in \/etc\/hosts. The reason is authd using Kerberos has issues sometimes with dns resolution when attempting open a connection via winrm on port 5986.<\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"li\" style=\"margin: 0;\">\n<div style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 36pt;\"><span style=\"display: inline-block; position: relative; text-indent: -18pt;\">9.<\/span>Next you must list your hosts in the ansible host file as such<\/div>\n<div class=\"ol\" style=\"margin: 0;\">\n<div class=\"li\" style=\"margin: 0;\">\n<div style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 72pt;\"><span style=\"display: inline-block; position: relative; text-indent: -18pt;\">g.<\/span>\/etc\/ansible\/hosts-linux<\/div>\n<div class=\"ol\" style=\"margin: 0;\">\n<div class=\"li\" style=\"margin: 0;\">\n<div style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 108pt;\"><span style=\"display: inline-block; position: relative; text-indent: -9pt;\">i.<\/span>[linux]<\/div>\n<\/div>\n<div class=\"li\" style=\"margin: 0;\">\n<div style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 108pt;\"><span style=\"display: inline-block; position: relative; text-indent: -9pt;\">ii.<\/span>Server1.nicktailor.com<\/div>\n<\/div>\n<div class=\"li\" style=\"margin: 0;\">\n<div style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 108pt;\"><span style=\"display: inline-block; position: relative; text-indent: -9pt;\">iii.<\/span>Server2.nicktailor.com<\/div>\n<\/div>\n<\/div>\n<\/div>\n<div class=\"li\" style=\"margin: 0;\">\n<div style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 72pt;\"><span style=\"display: inline-block; position: relative; text-indent: -18pt;\">h.<\/span>\/etc\/ansible\/hosts-windows<\/div>\n<div class=\"ol\" style=\"margin: 0;\">\n<div class=\"li\" style=\"margin: 0;\">\n<div style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 108pt;\"><span style=\"display: inline-block; position: relative; text-indent: -9pt;\">iv.<\/span>[windows]<\/div>\n<\/div>\n<div class=\"li\" style=\"margin: 0;\">\n<div style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 108pt;\"><span style=\"display: inline-block; position: relative; text-indent: -9pt;\">v.<\/span>Server1-w.nicktailor.com<\/div>\n<\/div>\n<div class=\"li\" style=\"margin: 0;\">\n<div style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 108pt;\"><span style=\"display: inline-block; position: relative; text-indent: -9pt;\">vi.<\/span>Server2-2.nicktailor.com<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<\/div>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28;\"><span style=\"display: inline-block; height: 1em;\"><span style=\"display: none;\">.<\/span><\/span><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28;\"><strong>Test communication to windows machines via ansible run the following from <em>\/etc\/ansible<\/em><\/strong><\/p>\n<div class=\"ul\" style=\"margin: 0;\">\n<div class=\"li\" style=\"margin: 0;\">\n<div style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 36pt;\"><span style=\"display: inline-block; position: relative; text-indent: -18pt; font-style: italic;\"><span style=\"position: absolute; top: -0.34em; left: 0; font-size: 2em;\">\u2022<\/span>\u00a0<\/span><em>ansible windows -i \/etc\/ansible\/hosts-windows -m ping<\/em><\/div>\n<\/div>\n<div class=\"li\" style=\"margin: 0;\">\n<div style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 36pt;\"><span style=\"display: inline-block; position: relative; text-indent: -18pt; font-style: italic;\"><span style=\"position: absolute; top: -0.34em; left: 0; font-size: 2em;\">\u2022<\/span>\u00a0<\/span><em>ansible gsdprdint -i \/etc\/ansible\/hosts-prod-linux -m ping &#8211;vault-password-file \/etc\/ansible\/vaultpw.txt -u ansiblenick -k -K<\/em><\/div>\n<\/div>\n<\/div>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28;\"><strong><em>How to run he playbook on linux machines, run from \/etc\/ansible\/playbook\/<\/em><\/strong><\/p>\n<div class=\"ul\" style=\"margin: 0;\">\n<div class=\"li\" style=\"margin: 0;\">\n<div style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 36pt;\"><span style=\"display: inline-block; position: relative; text-indent: -18pt; font-style: italic;\"><span style=\"position: absolute; top: -0.34em; left: 0; font-size: 2em;\">\u2022<\/span>\u00a0<\/span><em>ansible-playbook mars -i \/etc\/ansible\/hosts-prod-linux \/etc\/ansible\/playbooks\/wazuh-agent.yml &#8211;vault-password-file \/etc\/ansible\/vaultpw.txt -u ansiblenick -k -K<\/em><\/div>\n<\/div>\n<\/div>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28;\"><strong>How to run playbook on windows<\/strong><\/p>\n<div class=\"ul\" style=\"margin: 0;\">\n<div class=\"li\" style=\"margin: 0;\">\n<div style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28; margin-left: 36pt;\"><span style=\"display: inline-block; position: relative; text-indent: -18pt; font-style: italic;\"><span style=\"position: absolute; top: -0.34em; left: 0; font-size: 2em;\">\u2022<\/span>\u00a0<\/span><em>ansible-playbook -i \/etc\/ansible\/hosts-windows \/etc\/ansible\/playbooks\/wazuh-agent.yml &#8211;vault-password-file \/etc\/ansible\/vaultpw.txt -u ansiblenickt -k -K<\/em><\/div>\n<\/div>\n<\/div>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28;\"><span style=\"display: inline-block; height: 1em;\"><span style=\"display: none;\">.<\/span><\/span><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28;\"><strong><span style=\"text-decoration: underline;\">Ansible playbook-roles-tasks breakdown<\/span><\/strong><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28;\"><span style=\"text-decoration: underline;\"><em>:\/etc\/ansible\/playbooks# cat <\/em><\/span><span style=\"text-decoration: underline;\"><em>wazuh-agent.<\/em><\/span><span style=\"text-decoration: underline;\"><em>yml<\/em><\/span>\uf0dfplaybook file<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; hosts: all:!wazuh-manager<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">roles:<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; ansible-wazuh-agent\uf0dfroles that is called<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">vars:<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">\u00a0\u00a0\u00a0\u00a0wazuh_managers:<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; address: 192.168.10.10<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">port: 1514<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">protocol: udp<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0api_port: 55000<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0api_proto: &#8216;http&#8217;<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0api_user: ansible<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">\u00a0\u00a0\u00a0\u00a0wazuh_agent_authd:<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0enable: true<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">port: 1515<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0ssl_agent_ca: null<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0ssl_auto_negotiate: &#8216;no<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28;\"><span style=\"display: inline-block; height: 1em;\"><span style=\"display: none;\">.<\/span><\/span><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28;\"><em>Roles:<\/em> ansible-wazuh-agent<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28;\">:\/etc\/ansible\/roles\/ansible-wazuh-agent\/tasks# cat Linux.yml<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8212;<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; import_tasks: &#8220;RedHat.yml&#8221;<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">when: ansible_os_family == &#8220;RedHat&#8221;<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><span style=\"display: inline-block; height: 1em;\"><span style=\"display: none;\">.<\/span><\/span><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; import_tasks: &#8220;Debian.yml&#8221;<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">when: ansible_os_family == &#8220;Debian&#8221;<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><span style=\"display: inline-block; height: 1em;\"><span style=\"display: none;\">.<\/span><\/span><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; name: Linux | Install wazuh-agent<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">\u00a0\u00a0become: yes<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">package: name=wazuh-agent state=present<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">async: 90<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">poll: 15<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">tags:<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; init<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><span style=\"display: inline-block; height: 1em;\"><span style=\"display: none;\">.<\/span><\/span><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; name: Linux | Check if client.keys exists<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">\u00a0\u00a0become: yes<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">stat: path=\/var\/ossec\/etc\/client.keys<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">register: check_keys<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">tags:<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; config<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><span style=\"display: inline-block; height: 1em;\"><span style=\"display: none;\">.<\/span><\/span><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><strong><em>This task I added. If the client.keys file exists the registration on linux simply skips over when the playbook runs. You may want to disable this later, however when deploying to new machines probably best to have it active<\/em><\/strong><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><span style=\"display: inline-block; height: 1em;\"><span style=\"display: none;\">.<\/span><\/span><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><strong><em>&#8211; name: empty client key file<\/em><\/strong><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><strong><em>\u00a0\u00a0become: yes<\/em><\/strong><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><strong><em> command: rm -f \/var\/ossec\/etc\/client.keys<\/em><\/strong><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><strong><em> command: touch \/var\/ossec\/etc\/client.keys<\/em><\/strong><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><span style=\"display: inline-block; height: 1em;\"><span style=\"display: none;\">.<\/span><\/span><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><span style=\"display: inline-block; height: 1em;\"><span style=\"display: none;\">.<\/span><\/span><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; name: Linux | Agent registration via authd<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">block:<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; name: Retrieving authd Credentials<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0include_vars: authd_pass.yml<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">tags:<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; config<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; authd<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><span style=\"display: inline-block; height: 1em;\"><span style=\"display: none;\">.<\/span><\/span><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; name: Copy CA, SSL key and cert for authd<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">copy:<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0src: &#8220;{{ item }}&#8221;<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0dest: &#8220;\/var\/ossec\/etc\/{{ item | basename }}&#8221;<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">mode: 0644<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0with_items:<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; &#8220;{{ wazuh_agent_authd.ssl_agent_ca }}&#8221;<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; &#8220;{{ wazuh_agent_authd.ssl_agent_cert }}&#8221;<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; &#8220;{{ wazuh_agent_authd.ssl_agent_key }}&#8221;<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">tags:<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; config<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; authd<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">when:<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; wazuh_agent_authd.ssl_agent_ca is not none<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><span style=\"display: inline-block; height: 1em;\"><span style=\"display: none;\">.<\/span><\/span><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><strong><em>This section below is the most important section as this what registers the machine to wazuh, if this section is skipped its usually due to client.keys file. I have made adjustments from the original git repository as I found it had some issues.<\/em><\/strong><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><span style=\"display: inline-block; height: 1em;\"><span style=\"display: none;\">.<\/span><\/span><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">\u00a0\u00a0\u00a0\u00a0<strong><em>&#8211; name: Linux | Register agent (via authd)<\/em><\/strong><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><strong><em> shell: &gt;<\/em><\/strong><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><strong><em> \/var\/ossec\/bin\/agent-auth<\/em><\/strong><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><strong><em> -m {{ wazuh_managers.0.address }}<\/em><\/strong><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><strong><em> -p {{ wazuh_agent_authd.port }}<\/em><\/strong><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><strong><em> {% if authd_pass is defined %}-P {{ authd_pass }}{% endif %}<\/em><\/strong><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><strong><em> {% if wazuh_agent_authd.ssl_agent_ca is not none %}<\/em><\/strong><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><strong><em> -v &#8220;\/var\/ossec\/etc\/{{ wazuh_agent_authd.ssl_agent_ca | basename }}&#8221;<\/em><\/strong><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><strong><em> -x &#8220;\/var\/ossec\/etc\/{{ wazuh_agent_authd.ssl_agent_cert | basename }}&#8221;<\/em><\/strong><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><strong><em> -k &#8220;\/var\/ossec\/etc\/{{ wazuh_agent_authd.ssl_agent_key | basename }}&#8221;<\/em><\/strong><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><strong><em> {% endif %}<\/em><\/strong><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><strong><em> {% if wazuh_agent_authd.ssl_auto_negotiate == &#8216;yes&#8217; %}-a{% endif %}<\/em><\/strong><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><strong><em>\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0become: yes<\/em><\/strong><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><strong><em> register: agent_auth_output<\/em><\/strong><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><strong><em> when:<\/em><\/strong><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><strong><em> &#8211; check_keys.stat.size == 0<\/em><\/strong><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><strong><em> &#8211; wazuh_managers.0.address is not none<\/em><\/strong><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><strong><em> tags:<\/em><\/strong><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><strong><em> &#8211; config<\/em><\/strong><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><strong><em> &#8211; authd<\/em><\/strong><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><span style=\"display: inline-block; height: 1em;\"><span style=\"display: none;\">.<\/span><\/span><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; name: Linux | Verify agent registration<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">shell: echo {{ agent_auth_output }} | grep &#8220;Valid key created&#8221;<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">when:<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; check_keys.stat.size == 0<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; wazuh_managers.0.address is not none<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">tags:<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; config<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; authd<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><span style=\"display: inline-block; height: 1em;\"><span style=\"display: none;\">.<\/span><\/span><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">when: wazuh_agent_authd.enable == true<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><span style=\"display: inline-block; height: 1em;\"><span style=\"display: none;\">.<\/span><\/span><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; name: Linux | Agent registration via rest-API<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">block:<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><span style=\"display: inline-block; height: 1em;\"><span style=\"display: none;\">.<\/span><\/span><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; name: Retrieving rest-API Credentials<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0include_vars: api_pass.yml<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">tags:<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; config<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; api<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><span style=\"display: inline-block; height: 1em;\"><span style=\"display: none;\">.<\/span><\/span><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; name: Linux | Create the agent key via rest-API<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0uri:<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">url: &#8220;{{ wazuh_managers.0.api_proto }}:\/\/{{ wazuh_managers.0.address }}:{{ wazuh_managers.0.api_port }}\/agents\/&#8221;<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0validate_certs: no<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">method: POST<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">body: {&#8220;name&#8221;:&#8221;{{ inventory_hostname }}&#8221;}<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0body_format: json<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0status_code: 200<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">\u00a0\u00a0\u00a0 headers:<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">Content-Type: &#8220;application\/json&#8221;<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">user: &#8220;{{ wazuh_managers.0.api_user }}&#8221;<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">password: &#8220;{{ api_pass }}&#8221;<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">register: newagent_api<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0changed_when: newagent_api.json.error == 0<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">when:<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; check_keys.stat.size == 0<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; wazuh_managers.0.address is not none<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0become: no<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">tags:<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; config<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; api<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><span style=\"display: inline-block; height: 1em;\"><span style=\"display: none;\">.<\/span><\/span><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; name: Linux | Retieve new agent data via rest-API<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0uri:<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">url: &#8220;{{ wazuh_managers.0.api_proto }}:\/\/{{ wazuh_managers.0.address }}:{{ wazuh_managers.0.api_port }}\/agents\/{{ newagent_api.json.data.id }}&#8221;<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0validate_certs: no<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">method: GET<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0return_content: yes<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">user: &#8220;{{ wazuh_managers.0.api_user }}&#8221;<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">password: &#8220;{{ api_pass }}&#8221;<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">when:<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; check_keys.stat.size == 0<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; wazuh_managers.0.address is not none<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; newagent_api.json.error == 0<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">register: newagentdata_api<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0delegate_to: localhost<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0become: no<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">tags:<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; config<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; api<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><span style=\"display: inline-block; height: 1em;\"><span style=\"display: none;\">.<\/span><\/span><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; name: Linux | Register agent (via rest-API)<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">command: \/var\/ossec\/bin\/manage_agents<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">environment:<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">OSSEC_ACTION: i<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">OSSEC_AGENT_NAME: &#8216;{{ newagentdata_api.json.data.name }}&#8217;<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">OSSEC_AGENT_IP: &#8216;{{ newagentdata_api.json.data.ip }}&#8217;<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">OSSEC_AGENT_ID: &#8216;{{ newagent_api.json.data.id }}&#8217;<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">OSSEC_AGENT_KEY: &#8216;{{ newagent_api.json.data.key }}&#8217;<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">OSSEC_ACTION_CONFIRMED: y<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">register: manage_agents_output<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">when:<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; check_keys.stat.size == 0<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; wazuh_managers.0.address is not none<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; newagent_api.changed<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">tags:<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; config<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; api<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0notify: restart wazuh-agent<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><span style=\"display: inline-block; height: 1em;\"><span style=\"display: none;\">.<\/span><\/span><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">when: wazuh_agent_authd.enable == false<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><span style=\"display: inline-block; height: 1em;\"><span style=\"display: none;\">.<\/span><\/span><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; name: Linux | Vuls integration deploy (runs in background, can take a while)<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">command: \/var\/ossec\/wodles\/vuls\/deploy_vuls.sh {{ ansible_distribution|lower }} {{ ansible_distribution_major_version|int }}<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">\u00a0\u00a0args:<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">creates: \/var\/ossec\/wodles\/vuls\/config.toml<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">async: 3600<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">poll: 0<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">when:<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; wazuh_agent_config.vuls.disable != &#8216;yes&#8217;<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; ansible_distribution == &#8216;Redhat&#8217; or ansible_distribution == &#8216;CentOS&#8217; or ansible_distribution == &#8216;Ubuntu&#8217; or ansible_distribution == &#8216;Debian&#8217; or ansible_distribution == &#8216;Oracle&#8217;<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">tags:<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; init<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><span style=\"display: inline-block; height: 1em;\"><span style=\"display: none;\">.<\/span><\/span><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; name: Linux | Installing agent configuration (ossec.conf)<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">\u00a0\u00a0become: yes<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">template: src=var-ossec-etc-ossec-agent.conf.j2<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0\u00a0dest=\/var\/ossec\/etc\/ossec.conf<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">owner=root<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">group=ossec<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">mode=0644<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">\u00a0\u00a0notify: restart wazuh-agent<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">\u00a0\u00a0tags:<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; init<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; config<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><span style=\"display: inline-block; height: 1em;\"><span style=\"display: none;\">.<\/span><\/span><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; name: Linux | Ensure Wazuh Agent service is restarted and enabled<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">\u00a0\u00a0become: yes<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">service:<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">name: wazuh-agent<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">enabled: yes<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">state: restarted<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><span style=\"display: inline-block; height: 1em;\"><span style=\"display: none;\">.<\/span><\/span><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; import_tasks: &#8220;RMRedHat.yml&#8221;<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">when: ansible_os_family == &#8220;RedHat&#8221;<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><span style=\"display: inline-block; height: 1em;\"><span style=\"display: none;\">.<\/span><\/span><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; import_tasks: &#8220;RMDebian.yml&#8221;<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">when: ansible_os_family == &#8220;Debian&#8221;<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><span style=\"display: inline-block; height: 1em;\"><span style=\"display: none;\">.<\/span><\/span><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><strong><span style=\"text-decoration: underline;\">Windows- tasks<\/span><\/strong><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><strong><em>Note: This section only works if your ansible is configured to communicate with Windows machines. It requires that port 5986 from ansible to windows is open and then port 1515 from the window machine to the wazuh-manager is open.<\/em><\/strong><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><span style=\"display: inline-block; height: 1em;\"><span style=\"display: none;\">.<\/span><\/span><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><strong><em>Problems: When using authd and Kerberos for windows ensure you have the host name listed in \/etc\/hosts on the ansible server to help alleviate agent deployment issues. Its script does not seem to handle well when you have more than 5 or 6 clients at a time at least in my experience.<\/em><\/strong><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><span style=\"display: inline-block; height: 1em;\"><span style=\"display: none;\">.<\/span><\/span><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><strong><em>Either I had to rejoint the windows machine to the domain or remove the client.keys file. I have updated this task to include the task to remove the client.keys file before it check to see if it exists. You do need to play with it a bit sometimes. I have also added a section that adds the wazuh-agent as a service and restarts it upon deployment as I found it sometimes skipped this entirely.<\/em><\/strong><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><span style=\"display: inline-block; height: 1em;\"><span style=\"display: none;\">.<\/span><\/span><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><span style=\"text-decoration: underline;\"><em>:\/etc\/ansible\/roles\/ansible-<\/em><\/span><span style=\"text-decoration: underline;\"><em>wazuh<\/em><\/span><span style=\"text-decoration: underline;\"><em>-agent\/tasks# cat <\/em><\/span><span style=\"text-decoration: underline;\"><em>Windows.yml<\/em><\/span><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8212;<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; name: Windows | Get current installed version<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">\u00a0\u00a0win_shell: &#8220;{{ wazuh_winagent_config.install_dir }}ossec-agent.exe -h&#8221;<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">\u00a0\u00a0args:<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">removes: &#8220;{{ wazuh_winagent_config.install_dir }}ossec-agent.exe&#8221;<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">register: agent_version<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">\u00a0\u00a0failed_when: False<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">\u00a0\u00a0changed_when: False<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><span style=\"display: inline-block; height: 1em;\"><span style=\"display: none;\">.<\/span><\/span><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; name: Windows | Check Wazuh agent version installed<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">\u00a0\u00a0set_fact: correct_version=true<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">when:<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; agent_version.stdout is defined<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; wazuh_winagent_config.version in agent_version.stdout<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><span style=\"display: inline-block; height: 1em;\"><span style=\"display: none;\">.<\/span><\/span><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; name: Windows | Downloading windows Wazuh agent installer<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">\u00a0\u00a0win_get_url:<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">\u00a0\u00a0\u00a0\u00a0dest: C:\\wazuh-agent-installer.msi<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">url: &#8220;{{ wazuh_winagent_config.repo }}wazuh-agent-{{ wazuh_winagent_config.version }}-{{ wazuh_winagent_config.revision }}.msi&#8221;<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">when:<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; correct_version is not defined<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><span style=\"display: inline-block; height: 1em;\"><span style=\"display: none;\">.<\/span><\/span><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; name: Windows | Verify the downloaded Wazuh agent installer<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">\u00a0\u00a0win_stat:<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">path: C:\\wazuh-agent-installer.msi<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">\u00a0\u00a0\u00a0\u00a0get_checksum: yes<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">\u00a0\u00a0\u00a0\u00a0checksum_algorithm: md5<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">register: installer_md5<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">when:<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; correct_version is not defined<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">\u00a0\u00a0failed_when:<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; installer_md5.stat.checksum != wazuh_winagent_config.md5<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><span style=\"display: inline-block; height: 1em;\"><span style=\"display: none;\">.<\/span><\/span><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; name: Windows | Install Wazuh agent<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">\u00a0\u00a0win_package:<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">path: C:\\wazuh-agent-installer.msi<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">arguments: APPLICATIONFOLDER={{ wazuh_winagent_config.install_dir }}<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">when:<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; correct_version is not defined<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><span style=\"display: inline-block; height: 1em;\"><span style=\"display: none;\">.<\/span><\/span><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><strong><em>This section was added. If it was present registrations would skip<\/em><\/strong><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><strong><em>&#8211; name: Remove a file, if present<\/em><\/strong><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><strong><em>\u00a0\u00a0win_file:<\/em><\/strong><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><strong><em> path: C:\\wazuh-agent\\client.keys<\/em><\/strong><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><strong><em> state: absent<\/em><\/strong><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><span style=\"display: inline-block; height: 1em;\"><span style=\"display: none;\">.<\/span><\/span><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><strong><em>This section was added for troubleshooting purposes<\/em><\/strong><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><strong><em>#- name: Touch a file (creates if not present, updates modification time if present)<\/em><\/strong><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><strong><em># win_file:<\/em><\/strong><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><strong><em># path: C:\\wazuh-agent\\client.keys<\/em><\/strong><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><strong><em># state: touch<\/em><\/strong><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><span style=\"display: inline-block; height: 1em;\"><span style=\"display: none;\">.<\/span><\/span><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><span style=\"display: inline-block; height: 1em;\"><span style=\"display: none;\">.<\/span><\/span><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; name: Windows | Check if client.keys exists<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">\u00a0\u00a0win_stat: path=&#8221;{{ wazuh_winagent_config.install_dir }}client.keys&#8221;<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">register: check_windows_key<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">\u00a0\u00a0notify: restart wazuh-agent windows<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">tags:<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; config<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><span style=\"display: inline-block; height: 1em;\"><span style=\"display: none;\">.<\/span><\/span><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; name: Retrieving authd Credentials<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">\u00a0\u00a0include_vars: authd_pass.yml<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">tags:<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; config<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><span style=\"display: inline-block; height: 1em;\"><span style=\"display: none;\">.<\/span><\/span><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; name: Windows | Register agent<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">\u00a0\u00a0win_shell: &gt;<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">\u00a0\u00a0\u00a0\u00a0{{ wazuh_winagent_config.install_dir }}agent-auth.exe<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">-m {{ wazuh_managers.0.address }}<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">-p {{ wazuh_agent_authd.port }}<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">{% if authd_pass is defined %}-P {{ authd_pass }}{% endif %}<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">\u00a0\u00a0args:<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">\u00a0\u00a0\u00a0\u00a0chdir: &#8220;{{ wazuh_winagent_config.install_dir }}&#8221;<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">register: agent_auth_output<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">\u00a0\u00a0notify: restart wazuh-agent windows<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">when:<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; wazuh_agent_authd.enable == true<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; check_windows_key.stat.exists == false<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; wazuh_managers.0.address is not none<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">tags:<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; config<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><span style=\"display: inline-block; height: 1em;\"><span style=\"display: none;\">.<\/span><\/span><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; name: Windows | Installing agent configuration (ossec.conf)<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">\u00a0\u00a0win_template:<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">\u00a0\u00a0\u00a0\u00a0src: var-ossec-etc-ossec-agent.conf.j2<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">\u00a0\u00a0\u00a0\u00a0dest: &#8220;{{ wazuh_winagent_config.install_dir }}ossec.conf&#8221;<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">\u00a0\u00a0notify: restart wazuh-agent windows<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">tags:<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; config<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><span style=\"display: inline-block; height: 1em;\"><span style=\"display: none;\">.<\/span><\/span><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">&#8211; name: Windows | Delete downloaded Wazuh agent installer file<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">\u00a0\u00a0win_file:<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">path: C:\\wazuh-agent-installer.msi<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\">state: absent<\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><span style=\"display: inline-block; height: 1em;\"><span style=\"display: none;\">.<\/span><\/span><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><strong><em>These section was added as the service sometimes was not created and the agent was not restarted upon deployment which resulted in a non active client In kibana<\/em><\/strong><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><strong><em>&#8211; name: Create a new service<\/em><\/strong><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><strong><em>\u00a0\u00a0win_service:<\/em><\/strong><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><strong><em> name: wazuh-agent<\/em><\/strong><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><strong><em> path: C:\\wazuh-agent\\ossec-agent.exe<\/em><\/strong><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><span style=\"display: inline-block; height: 1em;\"><span style=\"display: none;\">.<\/span><\/span><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><strong><em>&#8211; name: Windows | Wazuh-agent Restart<\/em><\/strong><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><strong><em>\u00a0\u00a0win_service:<\/em><\/strong><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><strong><em> name: wazuh-agent<\/em><\/strong><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 0pt; padding-bottom: 0; line-height: 1.2;\"><strong><em> state: restarted<\/em><\/strong><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28;\"><span style=\"display: inline-block; height: 1em;\"><span style=\"display: none;\">.<\/span><\/span><\/p>\n<p style=\"margin-top: 0pt; padding-top: 0; margin-bottom: 8pt; padding-bottom: 0; line-height: 1.28;\"><span style=\"display: inline-block; height: 1em;\"><span style=\"display: none;\">.<\/span><\/span><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Note: For windows ports 5986 and 1515 must be open along with configureansiblescript.ps(powershell script) must have been setup for ansible to be able to communicate and deploy the wazuh-agent to windows machines. . In order to deploy the wazuh-agent to a large group of servers that span windows, ubuntu, centos type distros with ansible. Some tweaks need to be made<a href=\"https:\/\/nicktailor.com\/tech-blog\/how-to-deploy-wazuh-agnet-with-ansible\/\" class=\"read-more\">Read More &#8230;<\/a><\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[51,56],"tags":[],"class_list":["post-805","post","type-post","status-publish","format-standard","hentry","category-ansible","category-wazuh"],"_links":{"self":[{"href":"https:\/\/nicktailor.com\/tech-blog\/wp-json\/wp\/v2\/posts\/805","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/nicktailor.com\/tech-blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/nicktailor.com\/tech-blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/nicktailor.com\/tech-blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/nicktailor.com\/tech-blog\/wp-json\/wp\/v2\/comments?post=805"}],"version-history":[{"count":12,"href":"https:\/\/nicktailor.com\/tech-blog\/wp-json\/wp\/v2\/posts\/805\/revisions"}],"predecessor-version":[{"id":1061,"href":"https:\/\/nicktailor.com\/tech-blog\/wp-json\/wp\/v2\/posts\/805\/revisions\/1061"}],"wp:attachment":[{"href":"https:\/\/nicktailor.com\/tech-blog\/wp-json\/wp\/v2\/media?parent=805"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/nicktailor.com\/tech-blog\/wp-json\/wp\/v2\/categories?post=805"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/nicktailor.com\/tech-blog\/wp-json\/wp\/v2\/tags?post=805"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}