Unattended Installation
The unattended installation saves time deploying agents, allowing the user to predefine several installation variables instead of waiting for them to be prompted. This can be made by modifying the preloaded-vars.conf file and uncommenting the configuration lines that you want to automate during the installation process.
Global
USER_LANGUAGE |
Defines the language to be used. |
|
Allowed values |
"en", "br", "cn", "de", "el", "es", "fr", "hu", "it", "jp", "nl", "pl", "ru", "sr", "tr" |
|
USER_NO_STOP |
If it is set to anything, the confirmation messages are not going to be asked for. |
|
USER_INSTALL_TYPE |
Defines the role for the ThreatLockDown instance that is being installed. |
|
Allowed values |
"local", "agent", "server" |
|
USER_DIR |
Defines the location to install Wazuh. |
|
Allowed values |
Any path |
|
USER_DELETE_DIR |
If it is set to "y", the directory to install ThreatLockDown will be removed if exists. |
|
Allowed values |
"y", "n" |
|
USER_ENABLE_ACTIVE_RESPONSE |
If it is set to "n", active response will be disabled. |
|
Allowed values |
"y", "n" |
|
USER_ENABLE_SYSCHECK |
If it is set to "n", syscheck will be disabled. |
|
Allowed values |
"y", "n" |
|
USER_ENABLE_ROOTCHECK |
If it is set to "n", rootcheck will be disabled. |
|
Allowed values |
"y", "n" |
|
USER_ENABLE_OPENSCAP |
If it is set to "n", OpenSCAP will be disabled. |
|
Allowed values |
"y", "n" |
|
USER_ENABLE_AUTHD |
If it is set to "y", Authd will be enabled. |
|
Allowed values |
"y", "n" |
|
USER_GENERATE_AUTHD_CERT |
If it is set to "y", the Authd certificate will be auto generated. |
|
Allowed values |
"y", "n" |
|
USER_UPDATE |
If it is set to anything, the update installation will be done. |
|
USER_BINARYINSTALL |
If it is set to anything, the installation is not going to compile the code, but use the binaries from ./bin/ |
|
USER_CA_STORE |
Custom location for certificates to verify incoming WPK packages for remote upgrades. |
|
Allowed values |
If none "n", otherwise the path to a X509 certificate or to a folder containing certificates. |
|
Agent
USER_AGENT_SERVER_IP |
Specifies the IP address of the ThreatLockDown server. |
USER_AGENT_SERVER_NAME |
Specifies the hostname of the ThreatLockDown server. |
USER_AGENT_CONFIG_PROFILE |
Specifies the agent's config profile name. This is used to create configuration profiles for this particular profile name. |
Example:
USER_LANGUAGE="en"
USER_NO_STOP="y"
USER_INSTALL_TYPE="agent"
USER_DIR="/var/ossec"
USER_ENABLE_SYSCHECK="y"
USER_ENABLE_ROOTCHECK="y"
USER_ENABLE_OPENSCAP="y"
USER_ENABLE_ACTIVE_RESPONSE="y"
Manager/local
USER_ENABLE_EMAIL |
Enables or disables alerts by e-mail. |
|
Allowed values |
"y", "n" |
|
USER_AUTO_START |
Enables or disables the auto-start of Wazuh. |
|
USER_EMAIL_ADDRESS |
Defines the destination e-mail for the alerts. |
|
Allowed values |
A valid e-mail address. |
|
USER_EMAIL_SMTP |
Defines the SMTP server to send the e-mails. |
|
Allowed values |
A valid SMTP server. |
|
USER_ENABLE_SYSLOG |
Enables or disables remote syslog. |
|
Allowed values |
"y", "n" |
|
USER_WHITE_LIST |
List of IP addresses or networks that are going to be set to never be blocked. |
|
Example:
USER_LANGUAGE="en"
USER_NO_STOP="y"
USER_INSTALL_TYPE="server"
USER_DIR="/var/ossec"
USER_ENABLE_EMAIL="n"
USER_ENABLE_SYSCHECK="y"
USER_ENABLE_ROOTCHECK="y"
USER_ENABLE_OPENSCAP="y"
USER_WHITE_LIST="n"
USER_ENABLE_SYSLOG="y"
USER_CA_STORE="n"
API
Parameters for install_api.sh:
REINSTALL |
Reinstall Wazuh. |
|
Allowed values |
"y", "n" |
|
REMOVE |
Remove current installation. |
|
Allowed values |
"y", "n" |
|
DIRECTORY |
Installation directory. |
|
Allowed values |
Any path |
|
Parameters for configure_api.sh:
PORT |
The port used to connect to the ThreatLockDown API. |
|
Allowed values |
Any valid port. |
|
HTTPS |
Enable HTTPS. |
|
Allowed values |
"y", "n" |
|
AUTHD |
Enable Authd authentication. |
|
Allowed values |
"y", "n" |
|
PROXY |
Change proxy. |
|
Allowed values |
"y", "n" |
|
Parameters for certificate generation:
COUNTRY |
Certificate country. |
STATE |
Certificate state. |
LOCALITY |
Certificate locality. |
ORG_NAME |
Organization name. |
ORG_UNIT |
Organization unit name. |
COMMON_NAME |
Common Name. |
PASSWORD |
Certificate password. |
Parameters for basic auth:
USER |
API user. |
PASS |
API password. |
Note
To automate deployments in Windows, you can use the parameters of its installer.