This stack contains the Wazuh cluster Kibana Ansible Playbook. This deploys up the Open Distro Kibana implementation and Wazuh App.
We developed this role to stand the Open Distro Kibana in Wazuh cluster based on the configurations and requirements. Installs
Kibana and Wazuh App on the target instance. Detailed information on the wazuh-kibana role and role variables can be found
here.
We are using Galaxy which provides pre-packaged units of work known to Ansible as roles and collections. Content from roles and collections of the wazuh-ansible are referenced in oci-rsa-ansible-wazuh-kibana. This playbook installs and configures Wazuh agent and manager.
Installs base packages and sets configuration for general security, monitoring, and auditing purposes. More information on the oci-rsa-ansible-base can be found here.
- Ansible core >= 2.9.x
- Oracle Autonomous Linux >= 7.9
A list of other roles hosted on Galaxy:
- wazuh-ansible: These playbooks install and configure Wazuh agent, manager and Elastic Stack
A list of other roles hosted on Github:
- oci-rsa-ansible-base: Installs base packages and sets configuration for general security, monitoring, and auditing purposes.
main
branch contains the latest code.
There are multiple ways to run Ansible playbook, but for our project we choose to pull down the bundled playbook from the OCI Object Storage bucket and then run the following command to configure each of the hosts locally.
ansible-playbook -i localhost, $OCI_RSA_BASE/${playbook_name}/main.yml --connection=local
An extra_variables.yml
file is required to set the variables below. Here, the OpenDistro elasticsearch admin password, OpenDistro Kibana password
and Wazuh password can be set by the user.
opendistro_kibana_password: "${}"
opendistro_admin_password: "${}"
wazuh_password: "${}"
This is a wrapper which configures the Wazuh cluster. To deploy the infrastructure and configure the cluster on instance nodes, our team recommends a specific workflow. Detailed explanation of the recommended workflow can be found here.
This repository was developed by the Oracle OCI Regulatory Solutions and Automation (RSA) team.
Interested in contributing? See our contribution guidelines for details.
This repository and its contents are licensed under UPL 1.0.