Skip to content

Commit 19d00a9

Browse files
g0rgameshg0rgamesh
authored
Wazuh procedure improvement (#1987)
1 parent 390f2d8 commit 19d00a9

File tree

1 file changed

+20
-23
lines changed

1 file changed

+20
-23
lines changed

doc/source/configuration/wazuh.rst

Lines changed: 20 additions & 23 deletions
Original file line numberDiff line numberDiff line change
@@ -205,8 +205,27 @@ Reinstall the role if required:
205205

206206
``kayobe control host bootstrap``
207207

208+
Secrets
209+
-------
210+
211+
Wazuh requires that secrets or passwords are set for itself and the services with which it communicates.
212+
Wazuh secrets playbook is located in ``$KAYOBE_CONFIG_PATH/ansible/deployment/wazuh-secrets.yml``.
213+
Running this playbook will generate and put pertinent security items into secrets
214+
vault file which will be placed in ``$KAYOBE_CONFIG_PATH/deployment/wazuh-secrets.yml``.
215+
If using environments it ends up in ``$KAYOBE_CONFIG_PATH/environments/<env_name>/deployment/wazuh-secrets.yml``
216+
Remember to encrypt!
217+
218+
Wazuh secrets template is located in ``$KAYOBE_CONFIG_PATH/ansible/templates/wazuh-secrets.yml.j2``.
219+
It will be used by wazuh secrets playbook to generate wazuh secrets vault file.
220+
221+
222+
.. code-block:: console
223+
224+
kayobe playbook run $KAYOBE_CONFIG_PATH/ansible/deployment/wazuh-secrets.yml
208225
209-
Edit the playbook and variables to your needs:
226+
.. note:: Use ``ansible-vault`` to view the secrets:
227+
228+
``ansible-vault view --vault-password-file ~/vault.password $KAYOBE_CONFIG_PATH/inventory/group_vars/wazuh-manager/deployment/wazuh-secrets.yml``
210229

211230
Wazuh manager configuration
212231
---------------------------
@@ -242,28 +261,6 @@ You may need to modify some of the variables, including:
242261

243262
You'll need to run ``wazuh-manager.yml`` playbook again to apply customisation.
244263

245-
Secrets
246-
-------
247-
248-
Wazuh requires that secrets or passwords are set for itself and the services with which it communiticates.
249-
Wazuh secrets playbook is located in ``$KAYOBE_CONFIG_PATH/ansible/deployment/wazuh-secrets.yml``.
250-
Running this playbook will generate and put pertinent security items into secrets
251-
vault file which will be placed in ``$KAYOBE_CONFIG_PATH/deployment/wazuh-secrets.yml``.
252-
If using environments it ends up in ``$KAYOBE_CONFIG_PATH/environments/<env_name>/deployment/wazuh-secrets.yml``
253-
Remember to encrypt!
254-
255-
Wazuh secrets template is located in ``$KAYOBE_CONFIG_PATH/ansible/templates/wazuh-secrets.yml.j2``.
256-
It will be used by wazuh secrets playbook to generate wazuh secrets vault file.
257-
258-
259-
.. code-block:: console
260-
261-
kayobe playbook run $KAYOBE_CONFIG_PATH/ansible/deployment/wazuh-secrets.yml
262-
263-
.. note:: Use ``ansible-vault`` to view the secrets:
264-
265-
``ansible-vault view --vault-password-file ~/vault.password $KAYOBE_CONFIG_PATH/inventory/group_vars/wazuh-manager/deployment/wazuh-secrets.yml``
266-
267264
Configure Wazuh Dashboard's Server Host
268265
---------------------------------------
269266

0 commit comments

Comments
 (0)