Skip to content

Development - Separate Agent/Manager - Docker - Adapt deployment #2207

New issue
New issue
Closed
#2220
Closed
Development - Separate Agent/Manager - Docker - Adapt deployment#2207
#2220
Assignees
vcerenu
Labels
level/taskSubtask issuetype/changeChange requested
@vcerenu

Description

@vcerenu
vcerenu
opened on Feb 6, 2026

Description

According to these premises:

  • Wazuh manager new install path: /var/wazuh-manager
  • Wazuh manager-specific artifacts rename:
    • ossec.conf wazuh-manager.conf
    • ossec.logwazuh-manager.log
  • Wazuh manager daemons rename to: wazuh-manager-*
  • References to server replaced with manager.
  • System users and groups:
    • wazuh → Agent
    • wazuh-manager → Manager

It is necessary to modify the paths, users, groups, and files mentioned within the deployment process files to adapt the current deployment to the changes that Wazuh manager will undergo.

Changes

wazuh-docker/multi-node/docker-compose.yml

  30,40:       - master-wazuh-api-configuration:/var/ossec/api/configuration
  31,26:       - master-wazuh-etc:/var/ossec/etc
  32,27:       - master-wazuh-logs:/var/ossec/logs
  33,28:       - master-wazuh-queue:/var/ossec/queue
  34,38:       - master-wazuh-var-multigroups:/var/ossec/var/multigroups
  35,38:       - master-wazuh-active-response:/var/ossec/active-response/bin
  36,29:       - master-wazuh-wodles:/var/ossec/wodles
  37,42:       - ./wazuh-certificates/root-ca.pem:/var/ossec/etc/certs/root-ca.pem
  38,47:       - ./wazuh-certificates/wazuh.master.pem:/var/ossec/etc/certs/server.pem
  39,51:       - ./wazuh-certificates/wazuh.master-key.pem:/var/ossec/etc/certs/server-key.pem
  63,40:       - worker-wazuh-api-configuration:/var/ossec/api/configuration
  64,26:       - worker-wazuh-etc:/var/ossec/etc
  65,27:       - worker-wazuh-logs:/var/ossec/logs
  66,28:       - worker-wazuh-queue:/var/ossec/queue
  67,38:       - worker-wazuh-var-multigroups:/var/ossec/var/multigroups
  68,38:       - worker-wazuh-active-response:/var/ossec/active-response/bin
  69,29:       - worker-wazuh-wodles:/var/ossec/wodles
  70,42:       - ./wazuh-certificates/root-ca.pem:/var/ossec/etc/certs/root-ca.pem
  71,47:       - ./wazuh-certificates/wazuh.worker.pem:/var/ossec/etc/certs/server.pem
  72,51:       - ./wazuh-certificates/wazuh.worker-key.pem:/var/ossec/etc/certs/server-key.pem

wazuh-docker/single-node/docker-compose.yml

  30,33:       - wazuh_api_configuration:/var/ossec/api/configuration
  31,19:       - wazuh_etc:/var/ossec/etc
  32,20:       - wazuh_logs:/var/ossec/logs
  33,21:       - wazuh_queue:/var/ossec/queue
  34,31:       - wazuh_var_multigroups:/var/ossec/var/multigroups
  35,31:       - wazuh_active_response:/var/ossec/active-response/bin
  36,22:       - wazuh_wodles:/var/ossec/wodles
  37,42:       - ./wazuh-certificates/root-ca.pem:/var/ossec/etc/certs/root-ca.pem
  38,48:       - ./wazuh-certificates/wazuh.manager.pem:/var/ossec/etc/certs/server.pem
  39,52:       - ./wazuh-certificates/wazuh.manager-key.pem:/var/ossec/etc/certs/server-key.pem

Tasks

  • Make the requested modifications
  • Test the Wazuh deployment with the new images

Depends on

Metadata

Metadata

Assignees

Labels

level/taskSubtask issuetype/changeChange requested

Type

No type

Projects

XDR+SIEM/Release 5.0.0

Status

Done

Milestone

No milestone

Relationships

None yet

Development

No branches or pull requests

Issue actions