Global queries FIM - Investigate impact on installation/upgrade - Wazuh installation assistant

[c-bordon]

Description

The issue aims to investigate if the new files needs special handling in the installation of the Wazuh central components with the Wazuh installation assistant

With persistence

• /var/ossec/queue/indexer/wazuh-states-[index_name]-[cluster_name]

Without persistence

• /var/ossec/templates/[index_name]_states_template.json
• /var/ossec/templates/[index_name]_states_template.json
• /var/ossec/lib/libinventory_harvester.so

Tasks

• Investigate if these files need special handling in AIO installation with the Wazuh installation assistant
• Investigate if these files need special handling in distributed installation with the Wazuh installation assistant
• Investigate if we need to make changes for these updates in the ossec.conf Inventory harvester configuration wazuh#28217
• Make the necessary changes
• Test the installation methods

DRI

• @c-bordon

[fcaffieri]

After analyzing the wazuh-installation-assistant repository, no changes were detected for both AIO and Distributed installations.
The automations for AIO and Distributed cases were also analyzed, and no changes were detected.
This is because the installations are performed with default packages for the requested version.
The only thing we should keep in mind, and it will depend on the implementation of wazuh/wazuh#28217, is that if this configuration is not set as expected and desired by default, these changes will need to be applied in both installations, particularly in manager.sh and test-manager.sh. However, these changes will depend on how the new values are implemented in ossec.conf.
Once the changes have been implemented with packages and the branch, it would be important to perform some tests to detect if it is necessary to adapt the ossec.conf and validate that everything is generated correctly. The issue is moved to pending review, and the tests can be performed in a new one.