Merge pull request #8936 from wazuh/enhancement/idr355-add-installation-guide-rework

Enhancement/idr355 add installation guide rework

Author: ayodeko

CHANGELOG.md

@@ -47,6 +47,7 @@ All notable changes to this project will be documented in this file.
 - **Post-release**: Updated 4.13.0 release notes entry. ([#8923](https://github.com/wazuh/wazuh-documentation/pull/8923)) ([#8925](https://github.com/wazuh/wazuh-documentation/pull/8925)) ([#8928](https://github.com/wazuh/wazuh-documentation/pull/8928))
 - **Post-release**: Updated steps in Upgrade Guide for exporting customizations from the Wazuh Dashboard. ([#8921](https://github.com/wazuh/wazuh-documentation/pull/8921))
 - **Post-release**: Updated references to Twitter. ([#8933](https://github.com/wazuh/wazuh-documentation/pull/8933))
+- **Post-release**: Updated the installation guide. ([#8936](https://github.com/wazuh/wazuh-documentation/pull/8936))
 
 ## [v4.12.0]
 

source/_templates/installations/disable-wazuh-updates.rst

@@ -1,32 +1,28 @@
 .. Copyright (C) 2015, Wazuh, Inc.
 
-.. note::
+We recommend disabling the Wazuh package repositories after installing all components on this server to prevent accidental upgrades.
 
-   **Recommended Action**: Disable Wazuh Updates.
+Execute the following command only after completing all installations:
 
-   We recommend disabling the Wazuh package repositories after installing all components on this server to prevent accidental upgrades.
+.. tabs::
 
-   Execute the following command only after completing all installations:
+   .. group-tab:: APT
 
-   .. tabs::
+      .. code-block:: console
 
-      .. group-tab:: APT
+         # sed -i "s/^deb /#deb /" /etc/apt/sources.list.d/wazuh.list
+         # apt update
 
-         .. code-block:: console
+   .. group-tab:: YUM
 
-            # sed -i "s/^deb /#deb /" /etc/apt/sources.list.d/wazuh.list
-            # apt update
+      .. code-block:: console
 
-      .. group-tab:: YUM
+         # sed -i "s/^enabled=1/enabled=0/" /etc/yum.repos.d/wazuh.repo
 
-         .. code-block:: console
+   .. group-tab:: DNF
 
-            # sed -i "s/^enabled=1/enabled=0/" /etc/yum.repos.d/wazuh.repo
+      .. code-block:: console
 
-      .. group-tab:: DNF
-
-         .. code-block:: console
-
-            # sed -i "s/^enabled=1/enabled=0/" /etc/yum.repos.d/wazuh.repo
+         # sed -i "s/^enabled=1/enabled=0/" /etc/yum.repos.d/wazuh.repo
 
 .. End of include file

source/_templates/installations/filebeat/opensearch/configure_filebeat.rst

@@ -1,18 +1,17 @@
 .. Copyright (C) 2015, Wazuh, Inc.
 
-#. ``hosts``: The list of Wazuh indexer nodes to connect to. You can use either IP addresses or hostnames. By default, the host is set to localhost ``hosts: ["127.0.0.1:9200"]``. Replace it with your Wazuh indexer address accordingly. 
-  
-    If you have more than one Wazuh indexer node, you can separate the addresses using commas. For example, ``hosts: ["10.0.0.1:9200", "10.0.0.2:9200", "10.0.0.3:9200"]`` 
+#. ``hosts``: The list of Wazuh indexer nodes to connect to. You can use either IP addresses or hostnames. By default, the host is set to localhost ``hosts: ["127.0.0.1:9200"]``. Replace your Wazuh indexer IP address accordingly.
 
-    .. code-block:: yaml
+   If you have more than one Wazuh indexer node, you can separate the addresses using commas. For example, ``hosts: ["10.0.0.1:9200", "10.0.0.2:9200", "10.0.0.3:9200"]``
+
+   .. code-block:: yaml
       :emphasize-lines: 3
 
-       # Wazuh - Filebeat configuration file
-       output.elasticsearch:
-       hosts: ["10.0.0.1:9200"]
-       protocol: https
-       username: ${username}
-       password: ${password}
-         
+      # Wazuh - Filebeat configuration file
+      output.elasticsearch:
+      hosts: ["10.0.0.1:9200"]
+      protocol: https
+      username: ${username}
+      password: ${password}
 
 .. End of include file

source/_templates/installations/filebeat/opensearch/copy_certificates_filebeat_wazuh_cluster.rst

@@ -2,16 +2,16 @@
 
 .. code-block:: console
 
-  # NODE_NAME=<SERVER_NODE_NAME>
+   # NODE_NAME=<SERVER_NODE_NAME>
 
 .. code-block:: console
-  
-  # mkdir /etc/filebeat/certs
-  # tar -xf ./wazuh-certificates.tar -C /etc/filebeat/certs/ ./$NODE_NAME.pem ./$NODE_NAME-key.pem ./root-ca.pem
-  # mv -n /etc/filebeat/certs/$NODE_NAME.pem /etc/filebeat/certs/filebeat.pem
-  # mv -n /etc/filebeat/certs/$NODE_NAME-key.pem /etc/filebeat/certs/filebeat-key.pem
-  # chmod 500 /etc/filebeat/certs
-  # chmod 400 /etc/filebeat/certs/*
-  # chown -R root:root /etc/filebeat/certs
-  
+
+   # mkdir /etc/filebeat/certs
+   # tar -xf ./wazuh-certificates.tar -C /etc/filebeat/certs/ ./$NODE_NAME.pem ./$NODE_NAME-key.pem ./root-ca.pem
+   # mv -n /etc/filebeat/certs/$NODE_NAME.pem /etc/filebeat/certs/filebeat.pem
+   # mv -n /etc/filebeat/certs/$NODE_NAME-key.pem /etc/filebeat/certs/filebeat-key.pem
+   # chmod 500 /etc/filebeat/certs
+   # chmod 400 /etc/filebeat/certs/*
+   # chown -R root:root /etc/filebeat/certs
+
 .. End of copy_certificates_filebeat_wazuh_cluster.rst

source/_templates/installations/indexer/common/configure_indexer_nodes.rst

@@ -1,12 +1,11 @@
 .. Copyright (C) 2015, Wazuh, Inc.
 
+#. Edit ``/etc/wazuh-indexer/opensearch.yml`` and replace the following values:
 
-#. Edit the ``/etc/wazuh-indexer/opensearch.yml`` configuration file and replace the following values: 
 
-    
-   #. ``network.host``:  Sets the address of this node for both HTTP and transport traffic. The node will bind to this address and use it as its publish address. Accepts an IP address or a hostname. 
-   
-      Use the same node address set in ``config.yml`` to create the SSL certificates. 
+   #. ``network.host``:  Sets the address of this node for both HTTP and transport traffic. The node will bind to this address and use it as its publish address. Accepts an IP address or a hostname.
+
+      Use the same node address set in ``config.yml`` to create the SSL certificates.
 
    #. ``node.name``: Name of the Wazuh indexer node as defined in the ``config.yml`` file. For example, ``node-1``.
 
@@ -19,15 +18,15 @@
         - "node-2"
         - "node-3"
 
-   #. ``discovery.seed_hosts:`` List of the addresses of the master-eligible nodes. Each element can be either an IP address or a hostname. You may leave this setting commented if you are configuring the Wazuh indexer as a single node. For multi-node configurations, uncomment this setting and set the IP addresses of each master-eligible node. 
+   #. ``discovery.seed_hosts:`` List of the addresses of the master-eligible nodes. Each element can be either an IP address or a hostname. You may leave this setting commented if you are configuring the Wazuh indexer as a single node. For multi-node configurations, uncomment this setting and set the IP addresses of each master-eligible node.
 
        .. code-block:: yaml
 
         discovery.seed_hosts:
           - "10.0.0.1"
           - "10.0.0.2"
           - "10.0.0.3"
-  
+
    #. ``plugins.security.nodes_dn``: List of the Distinguished Names of the certificates of all the Wazuh indexer cluster nodes. Uncomment the lines for ``node-2`` and ``node-3`` and change the common names (CN) and values according to your settings and your ``config.yml`` definitions.
 
       .. code-block:: yaml

source/_templates/installations/indexer/common/deploy_certificates.rst

@@ -1,22 +1,25 @@
 .. Copyright (C) 2015, Wazuh, Inc.
 
+#. Run the following commands, replacing ``<INDEXER_NODE_NAME>`` with the name of the Wazuh indexer node you are configuring as defined in ``config.yml``. For example, ``node-1``. This deploys the SSL certificates to encrypt communications between the Wazuh central components.
 
-#. Run the following commands replacing ``<INDEXER_NODE_NAME>`` with the name of the Wazuh indexer node you are configuring as defined in ``config.yml``. For example, ``node-1``. This deploys the SSL certificates to encrypt communications between the Wazuh central components.
+   .. code-block:: console
+
+      # NODE_NAME=<INDEXER_NODE_NAME>
+
+   .. code-block:: console
+
+      # mkdir /etc/wazuh-indexer/certs
+      # tar -xf ./wazuh-certificates.tar -C /etc/wazuh-indexer/certs/ ./$NODE_NAME.pem ./$NODE_NAME-key.pem ./admin.pem ./admin-key.pem ./root-ca.pem
+      # mv -n /etc/wazuh-indexer/certs/$NODE_NAME.pem /etc/wazuh-indexer/certs/indexer.pem
+      # mv -n /etc/wazuh-indexer/certs/$NODE_NAME-key.pem /etc/wazuh-indexer/certs/indexer-key.pem
+      # chmod 500 /etc/wazuh-indexer/certs
+      # chmod 400 /etc/wazuh-indexer/certs/*
+      # chown -R wazuh-indexer:wazuh-indexer /etc/wazuh-indexer/certs
+
+#. **Recommended action**: If no other Wazuh components will be installed on this node, run the following command to remove the ``wazuh-certificates.tar`` file.
 
    .. code-block:: console
 
-     # NODE_NAME=<INDEXER_NODE_NAME>
-
-   .. code-block:: console 
-     
-     # mkdir /etc/wazuh-indexer/certs
-     # tar -xf ./wazuh-certificates.tar -C /etc/wazuh-indexer/certs/ ./$NODE_NAME.pem ./$NODE_NAME-key.pem ./admin.pem ./admin-key.pem ./root-ca.pem
-     # mv -n /etc/wazuh-indexer/certs/$NODE_NAME.pem /etc/wazuh-indexer/certs/indexer.pem
-     # mv -n /etc/wazuh-indexer/certs/$NODE_NAME-key.pem /etc/wazuh-indexer/certs/indexer-key.pem
-     # chmod 500 /etc/wazuh-indexer/certs
-     # chmod 400 /etc/wazuh-indexer/certs/*
-     # chown -R wazuh-indexer:wazuh-indexer /etc/wazuh-indexer/certs
-    
-#. **Recommended action**: If no other Wazuh components are going to be installed on this node, remove the ``wazuh-certificates.tar`` file by running ``rm -f ./wazuh-certificates.tar`` to increase security.
+      # rm -f ./wazuh-certificates.tar
 
 .. End of include file

source/_templates/installations/indexer/common/install-dependencies.rst

@@ -1,6 +1,6 @@
 .. Copyright (C) 2015, Wazuh, Inc.
 
-#. Install the following packages if missing:
+#. Run the following command to install the following packages if missing:
 
    .. tabs::
 

source/_templates/installations/manager/configure_indexer_connection.rst

@@ -23,7 +23,7 @@ By default, the indexer settings have one host configured. It's set to ``0.0.0.0
 
 - Ensure the Filebeat certificate and key name match the certificate files in ``/etc/filebeat/certs``.
 
-If you are running a cluster infrastructure, add a ``<host>`` entry for each one of your nodes. For example, in a two-node configuration:
+If you are running a Wazuh indexer cluster infrastructure, add a ``<host>`` entry for each one of your nodes. For example, in a two-node configuration:
 
 .. code-block:: xml
 
@@ -32,6 +32,6 @@ If you are running a cluster infrastructure, add a ``<host>`` entry for each one
      <host>https://10.0.0.2:9200</host>
    </hosts>
 
-Vulnerability detection prioritizes reporting to the first node in the list. It switches to the next node in case it is not available.
+The Wazuh server prioritizes reporting to the first Wazuh indexer node in the list. It switches to the next node in case it is not available.
 
 .. End of include file

source/_templates/installations/manager/configure_wazuh_worker_node.rst

@@ -1,22 +1,22 @@
 .. Copyright (C) 2015, Wazuh, Inc.
 
-Configure the cluster node by editing the following settings in the ``/var/ossec/etc/ossec.conf`` file.
+Configure the cluster node by editing the following settings in the ``/var/ossec/etc/ossec.conf`` file and configure the necessary parameters:
 
 .. code-block:: xml
 
-  <cluster>
-      <name>wazuh</name>
-      <node_name>worker-node</node_name>
-      <node_type>worker</node_type>
-      <key>c98b62a9b6169ac5f67dae55ae4a9088</key>      
-      <port>1516</port>
-      <bind_addr>0.0.0.0</bind_addr>
-      <nodes>
-          <node><WAZUH_MASTER_ADDRESS></node>
-      </nodes>
-      <hidden>no</hidden>
-      <disabled>no</disabled>
-  </cluster>
+   <cluster>
+       <name>wazuh</name>
+       <node_name>worker-node</node_name>
+       <node_type>worker</node_type>
+       <key>c98b62a9b6169ac5f67dae55ae4a9088</key>
+       <port>1516</port>
+       <bind_addr>0.0.0.0</bind_addr>
+       <nodes>
+           <node><WAZUH_MASTER_ADDRESS></node>
+       </nodes>
+       <hidden>no</hidden>
+       <disabled>no</disabled>
+   </cluster>
 
 Parameters to be configured:
 

source/_templates/installations/manager/restart_wazuh_manager.rst

@@ -2,20 +2,17 @@
 
 .. tabs::
 
+   .. group-tab:: Systemd
 
-  .. group-tab:: Systemd
+      .. code-block:: console
 
+         # systemctl restart wazuh-manager
 
-    .. code-block:: console
+   .. group-tab:: SysV init
 
-      # systemctl restart wazuh-manager
+      .. code-block:: console
 
-
-  .. group-tab:: SysV init
-
-    .. code-block:: console
-
-      # service wazuh-manager restart
+         # service wazuh-manager restart
 
 .. End of include file