Wazuh v4.10.0 Beta 1

Added

• Added documentation for the MDM Intune integration. (#7661)
• Added the agent uninstall RBAC action. (#7708)
• Added the anti_tampering configuration block documentation. (#7580)
• Added PowerPC package references back to the packages list. (#7724)
• Added dependencies to the dependency requirements in the Offline installation guide using the installation assistant. (#7931)
• Added wazuh.updates.disabled to the Wazuh dashboard settings reference document. (#7977)

Changed

• Replaced the commands to start and stop the Wazuh agent on macOS systems. (#7498)
• Updated the available options and examples for the MSI package generation command. (#7501)
• Updated the available SCA policies table. (#7698)
• Updated default and allowed chunk_size values for upgrading agents using wpk files. (#7717)
• Updated upgrading steps for Wazuh on Docker and Wazuh on Kubernetes deployments. (#7859)
• Replaced wazuh-packages repository references with wazuh-virtual-machines in the OVA generation guide. (#7926)
• Updated agent dashboard screenshots: Inventory, Stats, and Configuration. (#7942)
• Updated references for the new Wazuh dashboard Agents management section. (#7944)
• Replaced VirusTotal screenshot in the getting started guide. (#7946)
• Updated malware detection screenshots to include VirusTotal. (#7975)
• Updated Inventory Data page screenshots to reflect the newly added tabs: Software, Network, and Processes. (#7976 )
• Changed urllib3 dependency version to 1.26.20 and fixed references to the minimum Python version. (#7978)

Fixed

• Updated URL in Puppet agent installation step. (#7920)
• Added gnupg to the dependencies installation step in the Install Ansible guide. (#7932)
• Added step in the Upgrading Wazuh Docker guide. (#7929)

Removed

• Removed the step to disable the Wazuh manager service from the Uninstalling the Wazuh central components guide. (#7814)
• Removed wazuh-packages repository reference from release notes. (#7970)

Wazuh v4.10.0 Alpha 3

Added

• Added documentation for the MDM Intune integration. (#7661)
• Added the agent uninstall RBAC action. (#7708)
• Added the anti_tampering configuration block documentation. (#7580)
• Added PowerPC package references back to the packages list. (#7724)
• Added dependencies to the dependency requirements in the Offline installation guide using the installation assistant. (#7931)

Changed

• Replaced the commands to start and stop the Wazuh agent on macOS systems. (#7498)
• Updated the available options and examples for the MSI package generation command. (#7501)
• Updated the available SCA policies table. (#7698)
• Updated default and allowed chunk_size values for upgrading agents using wpk files. (#7717)
• Updated upgrading steps for Wazuh on Docker and Wazuh on Kubernetes deployments. (#7859)
• Replaced wazuh-packages repository references with wazuh-virtual-machines in the OVA generation guide. (#7926)
• Updated agent dashboard screenshots: Inventory, Stats, and Configuration. (#7942)
• Updated references for the new Wazuh dashboard Agents management section. (#7944)
• Replaced VirusTotal screenshot in the getting started guide. (#7946)

Fixed

• Updated URL in Puppet agent installation step. (#7920)
• Added gnupg to the dependencies installation step in the Install Ansible guide. (#7932)
• Added step in the Upgrading Wazuh Docker guide. (#7929)

Removed

• Removed the step to disable the Wazuh manager service from the Uninstalling the Wazuh central components guide. (#7814)
• Removed VirusTotal references (#7946)

Wazuh v4.9.2

Added

• Updated the API host default value. (#7933)

Wazuh v4.10.0 Alpha 2

Added

• Added documentation for the MDM Intune integration. (#7661)
• Added the agent uninstall RBAC action. (#7708)
• Added the anti_tampering configuration block documentation. (#7580)
• Added PowerPC package references back to the packages list. (#7724)

Changed

• Replaced the commands to start and stop the Wazuh agent on macOS systems. (#7498)
• Updated the available options and examples for the MSI package generation command. (#7501)
• Updated the available SCA policies table. (#7698)
• Updated default and allowed chunk_size values for upgrading agents using wpk files. (#7717)
• Updated upgrading steps for Wazuh on Docker and Wazuh on Kubernetes deployments. (#7859)

Removed

• Removed the step to disable the Wazuh manager service from the Uninstalling the Wazuh central components guide. (#7814)

Wazuh v4.9.1

Added

• Added dependency requirements to the offline installation guide. (#7755)
• Added SECURITY.md to the Wazuh documentation repository. (#7764)
• Added support for Python 3.12 in configuration steps. (#7673)
• Added ARM64 Wazuh manager package references to Packages list. (#7806)
• Added macOS Sequoia 15 to the Available SCA policies list. (#7864)

Changed

• Replaced Wazuh keystore password insertion commands with a safer method and added a new parameter to the list of available options. (#7593)
• Restored Wazuh dashboard package revision number. (#7762)

Fixed

• Added a step for creating a retention policy using the Visual editor in the Index life management section. (#7685)
• Fixed debugging command for the Wazuh dashboard. (#7769)
• Fixed Wazuh indexer repository reference in the Wazuh indexer package generation guide. (#7779)
• Fixed highlighting in Docker compose configuration file example. (#7867)

Removed

• Removed the command to delete opensearch_dashboards.yml in the Upgrading the Wazuh dashboard section. (#7777)
• Removed the step to delete ss4o index templates in Upgrading the Wazuh indexer. (#7810)

Wazuh v4.10.0 Alpha 1

Added

• Added documentation for the MDM Intune integration. (#7661)
• Added the agent uninstall RBAC action. (#7708)
• Added the anti_tampering configuration block documentation. (#7580)
• Added PowerPC package references back to the packages list. (#7724)

Changed

• Replaced the commands to start and stop the Wazuh agent on macOS systems. (#7498)
• Updated the available options and examples for the MSI package generation command. (#7501)
• Updated the available SCA policies table. (#7698)
• Updated default and allowed chunk_size values for upgrading agents using wpk files. (#7717)

Wazuh v4.9.0

Added

• Added AWS Security Hub section to the monitoring AWS based services documentation. (#7111) (#7649)
• Added custom Filebeat user information and deleted obsolete information about ossec.conf file on Wazuh server. (#7382)
• Added journald log collection documentation. (#7363)
• Added documentation for Wazuh dashboard Packages generation. (#7356)
• Added documentation for Wazuh Indexer Packages generation. (#7355)
• Added instructions to collect core dumps in Red Hat based endpoints. (#7347)
• Added documentation for Wazuh as a custom source for the Amazon Security Lake integration. (#7310) (#7586)
• Added instructions to collect core dumps in Windows endpoints. (#7299)
• Added python and pip installation templates. (#7298)
• Added a note to warns of default auditd rule in some system that prevent Wazuh from working properly. (#7291)
• Added core dumps collection documentation. (#7281)
• Added HAProxy helper documentation. (#7279) (#7403)
• Added ability to disable the edition of configuration through API endpoints and UI. (#7220)
• Added journald log format to localfile reference. (#7202)
• Added required dependencies for AIX agent installation. ([#7196]#7196)
• Added functionality to forward alerts to Fluentd. (#6691)
• Added the <forward_to> global option to the ossec.conf configuration reference. (#6974)
• Added guide to install Wazuh components offline using the assistant. (#6920) (#7571) (#7672)
• Added storage roles to the Creating Google Cloud credentials steps. (#7577)
• Added the NumPy dependency to the AWS prerequisites. (#7589)
• Updated the Available SCA policies table. (#7644) (#7697)
• Added a note advising on the minimum GCC compiler version required to build the Wazuh agent from source. (#7648)

Changed

• Updated note related to 'never,task' rule in auditd. (#7381)
• Update API script file name. (#7296)
• Updated syscollector scan minimum value (#7247)
• Updated new WPK paths and names. (#7246)
• Updated Windows agent GUI image. (#7241)
• Updated manual package generation documentation after package migration. (#7204)
• Removed the container path option and changed the container name in the Azure Storage use case to keep consistency with the values shown in the images. (#6835)
• Updated the /groups/{group_id}/files/{file_name} endpoint references. (#7006)
• Bumped cloud services Python minimum version to 3.8. (#7130)
• Changed the azure-storage-blob dependency version. (#7443)
• Updated single sign-on user administration section in the User manual to address OpenSearch changes. (#7630) (#7635)
• Updated the Google Cloud Platform posture management documentation. (#7668)
• Updated the Custom logos in the Wazuh dashboard documentation. (#7665) (#7678)
• Updated the Creating the wazuh-archives-* index pattern GIF image in the Event logging section of the Wazuh server documentation. (#7669).
• Updated the Wazuh agent documentation in User manual. (#7637)
• Updated the Wazuh server cluster documentation in User manual. (#7704)
• Updated the Wazuh dashboard documentation in User manual. (#7711)

Fixed

• Fix Amazon Security Lake Source integration validation step. (#7360)
• Updated commands in installing the Wazuh agent from sources section. (#6973)
• Fixed Indexer management and Dashboard management references. (#7583)
• Fixed the name of the property customization.logo.reports. (#7646)
• Fixed wazuh-template.json links. (#7652)

Removed

• Removed unreferenced files. (#7222)
• Removed the logs.level app setting and the references to the plugin log files and App logs application. (#6810)
• Removed PowerPC package references from the packages list. (#7684) (#7729)
• Removed references to Alpine Linux Wazuh agent installation and upgrade. (#7729)
• Removed the Policy monitoring capability section. (#7725)

Wazuh v4.8.2

Added

• Support for Wazuh 4.8.2

Wazuh v4.8.1

Added

• Added clarification about the conditions to trigger an alert. (#7506)

Changed

• Updated the available options table for wazuh-passwords-tool.sh. (#7412)
• Updated docker and urllib3 package version references. (#7483)
• Replaced :ref: with :doc: in AWS documentation. (#7487)

Fixed

• Fixed MS Graph module configuration example. (#7378)

Wazuh v4.8.0

Added

• Added the timeout and retries settings to the integratord configuration. (#6442)
• Added support for deploying with Ansible on Windows. (#6640)
• Added Wazuh v4.8.0 release notes. (#6550)
• Added the update_check configuration option. (#6673)
• Added the Filebeat deployment into Wazuh manager worker nodes for distributed deployments with Puppet. (#6872)
• Added keystore management tool section. (#7000) (#7072)
• Added available SCA policies in 4.8.0 version. (#7049)
• Added environment variable for Wazuh indexer in Wazuh on Docker deployment. (#6750) (#7057)
• Added step to remove the ss4o index templates from the Wazuh indexer upgrade guide. (#7093)
• Added deprecation notice for the cache Wazuh API configuration option. (#7106)
• Added warning about 4.8.0 upgrade. (#7135)
• Added the indexer configuration option to the Wazuh API documentation. (#7164)
• Added the offline-url vulnerability detection option to the Reference guide. (#7193)
• Added a note in the Reference guide about the <vulnerability-detector> change. (#7243)
• Added warning message about changing passwords for Docker and Kubernetes deployments. (#7321)
• Added sub-section about assigning multiple agents to a group in Grouping agents. (#7309)
• Added the vulnerability-detection.remediation_lru_size internal option to the reference guide. (#7339)
• Updated the list of supported Debian and Ubuntu operating system versions in the Deployment with Puppet guide. (#7331)
• Added steps to the password change process in the Deployment with Docker and Deployment with Kubernetes guides. (#7365)
• Added vulnerability detection configurations to the Upgrade guide. (#7369)
• Added the integrations -> virustotal -> public_key API configuration option. #7359

Changed

• Updated the logcollector.ip_update_interval setting in the Internal options documentation. (#6373)
• Updated OSD version to 2.10.0. (#6568)
• Updated dashboard settings screenshots. (#6711)
• Changed the Wazuh dashboard home URL in single sign on configuration to just the base path. (#6775) (#6809)
• Enhanced the description and examples of the discard_regex and field feature. (#6770)
• Changed custom branding configuration documents. (#6779)
• Changed the ssl_protocol options and default value. (#6790)
• Updated the minimum supported OS requirement for the Wazuh manager. (#6811)
• Changed the AWS pyarrow PIP dependency version. (#6814)
• Updated a step in Upgrading the Wazuh server. (#6879)
• Updated Filebeat module revision to 0.4. (#6861)
• Updated AWS, Azure, and GCP cloud security dependency installation steps. (#6847)
• Updated the vulnerability detection (VD) sections following the VD module refactor. (#6792) (#7046) (#7058)
• Updated screenshot and module reference from Security events to Threat Hunting in Amazon Security Lake section. (#6956)
• Improved steps in the Google Cloud Platform prerequisites section. (#6964)
• Updated Azure Diagnostics images. (#6987)
• Updated Azure Log Analytics images. (#7002)
• Updated installation-guide/wazuh-server/step-by-step considering configuration requirements for vulnerability detection. (#7149)
• Updated the user-manual/reference/unattended-installation section. (#7162)
• Changed Docker version requirement to 6.0.0. (#7133)
• Updated the Vulnerability detection PoC. (#7215)
• Replaced localhost occurrences. (#7234) (#7285)
• Updated the upgrading central components section. (#7273)
• Updated the Monitoring Office 365 audit logs section. (#7275)
• Updated Installing the Wazuh manager from sources with the latest vulnerability detection changes. (#7316)
• Updated screenshots and references to the new 4.8.0 interface look. (#7280)

Fixed

• Added the wazuh::repo class in Puppet manifest example in install Wazuh agent via Puppet section. (#6954)
• Removed steps to modify the number of shards from the offline installation guide. (#6958)
• Fixed password update step for distributed deployments. (#6967)
• Added fixes and updates to the MITRE ATT&CK framework section. (#6962)
• Modified master node address name to uppercase. (#7127)
• Added securing credentials steps to the Vulnerability detection capability section and the Upgrading central components section. (#7235)
• Replaced Wazuh app and Wazuh plugin references with Wazuh dashboard references. (#7274)

Removed

• Deprecated /vulnerability API endpoints. (#6738)
• Removed implicit id!=000 WQL filter in the search bar. (#6815)
• Removed launchctl unload step from macOS uninstalling manual. (#7123)
• Removed Wazuh_Ruleset.pdf references. (#7142)
• Removed documentation for the allow-os vulnerability detection option. (#7177)
• Removed the Migrating from OSSEC section. (#7301)
• Removed notes about the lack of multi-tenancy support in MS-Graph sections. (#7379)