Unattended Installation

Unattended installation saves the user having to interact with the installation interface to complete the process, allowing the automation of agents deployments. To do this, you must modify the preloaded-vars.conf file uncommenting the configuration lines that you want to automate in the installation process.

Global

USER_LANGUAGE

Defines the language to be used.

Allowed values

“en”, “br”, “cn”, “de”, “el”, “en”, “es”, “fr”, “hu”, “it”, “jp”, “nl”, “pl”, “ru”, “sr”, “tr”

USER_NO_STOP

If it is set to anything, the confirmation messages are not going to be asked for.

USER_INSTALL_TYPE

Defines the role for the Wazuh instance that is being installed.

Allowed values

“local”, “agent”, “server”

USER_DIR

Defines the location to install Wazuh.

Allowed values

Any path

USER_DELETE_DIR

If it is set to “y”, the directory to install Wazuh will be removed if exists.

Allowed values

“y”, “n”

USER_ENABLE_ACTIVE_RESPONSE

If it is set to “n”, active response will be disabled.

Allowed values

“y”, “n”

USER_ENABLE_SYSCHECK

If it is set to “n”, syscheck will be disabled.

Allowed values

“y”, “n”

USER_ENABLE_ROOTCHECK

If it is set to “n”, rootcheck will be disabled.

Allowed values

“y”, “n”

USER_ENABLE_OPENSCAP

If it is set to “n”, OpenSCAP will be disabled.

Allowed values

“y”, “n”

USER_UPDATE

If it is set to anything, the update installation will be done.

USER_BINARYINSTALL

If it is set to anything, the installation is not going to compile the code, but use the binaries from ./bin/

Agent

USER_AGENT_SERVER_IP

Specifies the IP address of the Wazuh server.

USER_AGENT_SERVER_NAME

Specifies the hostname of the Wazuh server.

USER_AGENT_CONFIG_PROFILE

Specifies the agent’s config profile name. This is used to create a configuration profiles for this particular profile name.

Example:

USER_LANGUAGE="en"
USER_NO_STOP="y"
USER_INSTALL_TYPE="agent"
USER_DIR="/var/ossec"
USER_ENABLE_SYSCHECK="y"
USER_ENABLE_ROOTCHECK="y"
USER_ENABLE_OPENSCAP="y"
USER_ENABLE_ACTIVE_RESPONSE="y"

Manager/local

USER_ENABLE_EMAIL

Enables or disables alerts by e-mail.

Allowed values

“y”, “n”

USER_EMAIL_ADDRESS

Defines the destination e-mail for the alerts.

Allowed values

A valid e-mail address.

USER_EMAIL_SMTP

Defines the SMTP server to send the e-mails.

Allowed values

A valid SMTP server.

USER_ENABLE_SYSLOG

Enables or disables remote syslog.

Allowed values

“y”, “n”

USER_WHITE_LIST

List of IPs or networks that are going to be set to never be blocked.

Example:

USER_LANGUAGE="en"
USER_NO_STOP="y"
USER_INSTALL_TYPE="server"
USER_DIR="/var/ossec"
USER_ENABLE_EMAIL="n"
USER_ENABLE_SYSCHECK="y"
USER_ENABLE_ROOTCHECK="y"
USER_ENABLE_OPENSCAP="y"
USER_WHITE_LIST="n"
USER_ENABLE_SYSLOG="y"

API

Parameters for install_api.sh:

REINSTALL

Reinstall Wazuh.

Allowed values

“y”, “n”

REMOVE

Remove current installation.

Allowed values

“y”, “n”

DIRECTORY

Installation directory.

Allowed values

Any path

Parameters for configure_api.sh:

PORT

The port used to connect to the Wazuh API.

Allowed values

Any valid port.

HTTPS

Enable HTTPS.

Allowed values

“y”, “n”

AUTHD

Enable authd authentication.

Allowed values

“y”, “n”

PROXY

Change proxy.

Allowed values

“y”, “n”

Parameters for certificate generation:

COUNTRY

Certificate country.

STATE

Certificate state.

LOCALITY

Certificate locality.

ORG_NAME

Organization name.

ORG_UNIT

Organitation unit name.

COMMON_NAME

Common Name.

PASSWORD

Certificate password.

Parameters for basic auth:

USER

API user.

PASS

API password.

Note

To automate deployments in Windows you can use the parameters of its installer.