scripts/enroll-agent.sh · soc-automation-lab

25 lines · bash

set -euo pipefail
 
: "${WAZUH_MANAGER:?set WAZUH_MANAGER to the manager IP}"
WAZUH_AGENT_GROUP="${WAZUH_AGENT_GROUP:-linux}"
WAZUH_VERSION="${WAZUH_VERSION:-4.9.0-1}"
 
if ! command -v apt-get >/dev/null 2>&1; then
    echo "this helper targets debian/ubuntu; install the rpm package manually elsewhere" >&2
    exit 1
fi
 
curl -s https://packages.wazuh.com/key/GPG-KEY-WAZUH | gpg --no-default-keyring \
    --keyring gnupg-ring:/usr/share/keyrings/wazuh.gpg --import
chmod 644 /usr/share/keyrings/wazuh.gpg
echo "deb [signed-by=/usr/share/keyrings/wazuh.gpg] https://packages.wazuh.com/4.x/apt/ stable main" \
    > /etc/apt/sources.list.d/wazuh.list
 
apt-get update
WAZUH_MANAGER="${WAZUH_MANAGER}" WAZUH_AGENT_GROUP="${WAZUH_AGENT_GROUP}" \
    apt-get install -y "wazuh-agent=${WAZUH_VERSION}"
 
systemctl daemon-reload
systemctl enable --now wazuh-agent
 
echo "agent enrolled against ${WAZUH_MANAGER} in group ${WAZUH_AGENT_GROUP}"

1	set -euo pipefail
2
3	: "${WAZUH_MANAGER:?set WAZUH_MANAGER to the manager IP}"
4	WAZUH_AGENT_GROUP="${WAZUH_AGENT_GROUP:-linux}"
5	WAZUH_VERSION="${WAZUH_VERSION:-4.9.0-1}"
6
7	if ! command -v apt-get >/dev/null 2>&1; then
8	echo "this helper targets debian/ubuntu; install the rpm package manually elsewhere" >&2
9	exit 1
10	fi
11
12	curl -s https://packages.wazuh.com/key/GPG-KEY-WAZUH \| gpg --no-default-keyring \
13	--keyring gnupg-ring:/usr/share/keyrings/wazuh.gpg --import
14	chmod 644 /usr/share/keyrings/wazuh.gpg
15	echo "deb [signed-by=/usr/share/keyrings/wazuh.gpg] https://packages.wazuh.com/4.x/apt/ stable main" \
16	> /etc/apt/sources.list.d/wazuh.list
17
18	apt-get update
19	WAZUH_MANAGER="${WAZUH_MANAGER}" WAZUH_AGENT_GROUP="${WAZUH_AGENT_GROUP}" \
20	apt-get install -y "wazuh-agent=${WAZUH_VERSION}"
21
22	systemctl daemon-reload
23	systemctl enable --now wazuh-agent
24
25	echo "agent enrolled against ${WAZUH_MANAGER} in group ${WAZUH_AGENT_GROUP}"