Unattended Installation

Unattended installation saves the user having to interact with the installation interface to complete the process, allowing the automation of agents deployments. To do this, you must modify the preloaded-vars.conf file uncommenting the configuration lines that you want to automate in the installation process.

Global

USER_LANGUAGE Defines the language to be used.
Allowed values “en”, “br”, “cn”, “de”, “el”, “en”, “es”, “fr”, “hu”, “it”, “jp”, “nl”, “pl”, “ru”, “sr”, “tr”
USER_NO_STOP If it is set to anything, the confirmation messages are not going to be asked for.
USER_INSTALL_TYPE Defines the role for the Wazuh instance that is being installed.
Allowed values “local”, “agent”, “server”
USER_DIR Defines the location to install Wazuh.
Allowed values Any path
USER_DELETE_DIR If it is set to “y”, the directory to install Wazuh will be removed if exists.
Allowed values “y”, “n”
USER_ENABLE_ACTIVE_RESPONSE If it is set to “n”, active response will be disabled.
Allowed values “y”, “n”
USER_ENABLE_SYSCHECK If it is set to “n”, syscheck will be disabled.
Allowed values “y”, “n”
USER_ENABLE_ROOTCHECK If it is set to “n”, rootcheck will be disabled.
Allowed values “y”, “n”
USER_ENABLE_OPENSCAP If it is set to “n”, OpenSCAP will be disabled.
Allowed values “y”, “n”
USER_UPDATE If it is set to anything, the update installation will be done.
USER_BINARYINSTALL If it is set to anything, the installation is not going to compile the code, but use the binaries from ./bin/

Agent

USER_AGENT_SERVER_IP Specifies the IP address of the Wazuh server.
USER_AGENT_SERVER_NAME Specifies the hostname of the Wazuh server.
USER_AGENT_CONFIG_PROFILE Specifies the agent’s config profile name. This is used to create a configuration profiles for this particular profile name.

Example:

USER_LANGUAGE="en"
USER_NO_STOP="y"
USER_INSTALL_TYPE="agent"
USER_DIR="/var/ossec"
USER_ENABLE_SYSCHECK="y"
USER_ENABLE_ROOTCHECK="y"
USER_ENABLE_OPENSCAP="y"
USER_ENABLE_ACTIVE_RESPONSE="y"

Manager/local

USER_ENABLE_EMAIL Enables or disables alerts by e-mail.
Allowed values “y”, “n”
USER_EMAIL_ADDRESS Defines the destination e-mail for the alerts.
Allowed values A valid e-mail address.
USER_EMAIL_SMTP Defines the SMTP server to send the e-mails.
Allowed values A valid SMTP server.
USER_ENABLE_SYSLOG Enables or disables remote syslog.
Allowed values “y”, “n”
USER_WHITE_LIST List of IPs or networks that are going to be set to never be blocked.

Example:

USER_LANGUAGE="en"
USER_NO_STOP="y"
USER_INSTALL_TYPE="server"
USER_DIR="/var/ossec"
USER_ENABLE_EMAIL="n"
USER_ENABLE_SYSCHECK="y"
USER_ENABLE_ROOTCHECK="y"
USER_ENABLE_OPENSCAP="y"
USER_WHITE_LIST="n"
USER_ENABLE_SYSLOG="y"

API

Parameters for install_api.sh:

REINSTALL Reinstall Wazuh.
Allowed values “y”, “n”
REMOVE Remove current installation.
Allowed values “y”, “n”
DIRECTORY Installation directory.
Allowed values Any path

Parameters for configure_api.sh:

PORT The port used to connect to the Wazuh API.
Allowed values Any valid port.
HTTPS Enable HTTPS.
Allowed values “y”, “n”
AUTHD Enable authd authentication.
Allowed values “y”, “n”
PROXY Change proxy.
Allowed values “y”, “n”

Parameters for certificate generation:

COUNTRY Certificate country.
STATE Certificate state.
LOCALITY Certificate locality.
ORG_NAME Organization name.
ORG_UNIT Organitation unit name.
COMMON_NAME Common Name.
PASSWORD Certificate password.

Parameters for basic auth:

USER API user.
PASS API password.

Note

To automate deployments in Windows you can use the parameters of its installer.