@OsamaMahmood
Last active April 13, 2020 05:06
Deploy Wazuh agents using Powershell
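# Command-line parameters of the Wazuh agent deployment script.
param (
    # Declared but never read by the visible script.
    [switch]$Elevated,
    # Mandatory: Wazuh manager IP or hostname (an empty value aborts the run later on).
    [string]$address = "",
    # Optionals
    # NOTE(review): the visible script recomputes $app_folder and never forwards
    # $port, $protocol, $auth_port or $password to the installer.
    [string]$app_folder = "",
    [string]$port = "1514",
    [string]$protocol = "tcp",
    [string]$auth_server = "",
    [string]$auth_port = "1515",
    # NOTE(review): a plain-text password argument is visible in the process command
    # line and in PowerShell logging; prefer reading it from a protected source if
    # this parameter is ever wired up.
    [string]$password = "",
    [string]$group = "",
    [string]$agent_name = $env:computername,
    [Int]$use_fqdns = 0,
    [Int]$prompt_agent_name = 0,
    # Fixed: the type literal was missing its opening bracket ("switch]$help"),
    # which is a parse error that prevents the whole script from loading.
    [switch]$help
)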
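# Print the usage text and stop when -help is given.
# The text now matches the declared parameters: -address (not -server_ip/-ossec_exe),
# -auth_port (not -auth_protocol), the tcp protocol default, and the -group option.
if ($help.IsPresent) {
"
Usage: agent_deploy.ps1 -address Manager_IP [options]
Arguments description:
Mandatory:
-address server.example.com Wazuh Manager Hostname
Optionals:
-app_folder Installation path
-port Wazuh manager connection port (default: 1514)
-protocol Wazuh manager connection protocol (default: tcp)
-auth_server authd registration address (default: same as address)
-auth_port authd registration port (default: 1515)
-password authd shared password (default: null)
-group Wazuh agent group (default: none)
-agent_name Wazuh Agent Name [Default windows hostname or FQDNS if use_fqdns is enable]
-use_fqdns [0|1] Use FQDNS for Agent Name [Default: 0]
-prompt_agent_name [0|1] Prompt to enter Agent name [Default: 0]
-help print this message
"
    Exit
}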
# Shared settings used by the rest of the script.
# The installer is pinned to one exact version and to the digest checked after download.
# NOTE(review): MD5 is not collision-resistant; when the vendor publishes a SHA-256
# digest for this exact package, pin that instead (<SHA256_OF_PINNED_MSI>).
$installer_url = "https://packages.wazuh.com/3.x/windows/wazuh-agent-3.12.2-1.msi"
$installer_md5 = "DC64C8BEE53DF0430E9E03E578BA334D"

# The local file name is the last path segment of the URL.
$installer_filename = $installer_url.Split("/")[-1]

# The MSI is saved into the directory the script is started from.
$current_dir = (Get-Item -Path ".\" -Verbose).FullName
$Wazuh_msi = "$current_dir\$installer_filename"

$Wazuh_service = 'OssecSvc'
$protocol = $protocol.ToLower()

# The registration server falls back to the manager address when none was given.
Write-Host "Auth_server selected: $auth_server"
if ("" -eq $auth_server) {
    Write-Host "Empty auth_server, using address: $address"
    $auth_server = $address
}

# Optionally replace the agent name with the host name returned by a DNS lookup
# of the computer name.
if ($use_fqdns) {
    $host_entry = [System.Net.Dns]::GetHostEntry([string]$env:computername)
    $agent_name = $host_entry.HostName
}

Write-Host "Auth_server to be used: $auth_server"
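# Administrator check. The script does not elevate itself; it only refuses to run
# without the built-in Administrator role. The original performed the same check
# twice (once inline, once through Test-Admin); a single call is kept.

# Returns $true when the current Windows identity is in the built-in Administrator role.
function Test-Admin {
    $identity = [Security.Principal.WindowsIdentity]::GetCurrent()
    $principal = New-Object Security.Principal.WindowsPrincipal $identity
    $principal.IsInRole([Security.Principal.WindowsBuiltInRole]::Administrator)
}

if (-not (Test-Admin)) {
    Write-Host "This script requires Administrator privileges."
    Write-Host "Press any key to continue ..."
    # The key itself is irrelevant; the read only pauses an interactive console.
    $null = $host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown")
    # Non-zero so an automated rollout can tell the agent was not deployed.
    Exit 1
}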
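# Checking arguments: -address is the only mandatory value.
# A blank or whitespace-only address is rejected, and the script exits non-zero
# so a deployment tool does not record a missing argument as a success.
if ("$address".Trim().Length -eq 0) {
    Write-Host "-address is required. Try -help to display arguments list."
    Write-Host "Press any key to continue ..."
    $null = $host.UI.RawUI.ReadKey("NoEcho,IncludeKeyDown")
    Exit 1
}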
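#################
# Aux functions
#################

# Prompts until the operator enters a valid agent name and returns it.
# A valid name is 2 to 32 characters from A-Z, a-z, 0-9, '-' and '_'.
#
# Two fixes over the original:
#  * The character class "[A-Za-z0-9\\-_]" parsed "\\-_" as the range from backslash
#    to underscore, so it accepted '\', ']' and '^' and rejected '-'. The name is later
#    placed between double quotes on the msiexec command line, where stray backslashes
#    are undesirable, so the class is now an explicit allow-list.
#  * The length test required more than 2 characters although the prompt says min=2.
function AgentName
{
    $read_agent_name = ""
    while ($read_agent_name -notmatch '^[A-Za-z0-9_-]{2,32}$') {
        $read_agent_name = Read-Host 'Enter Wazuh Agent name (Name must contain only alphanumeric characters min=2 max=32)'
    }
    $read_agent_name
}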
# Detect a previous installation by trying to restart the agent service.
# Errors from both cmdlets are silenced; the outcome is read from $? right after
# the pipeline.
# NOTE(review): this relies on $? being false when the service does not exist - confirm.
Get-Service -Name $Wazuh_service -ErrorAction SilentlyContinue |
    Restart-Service -ErrorAction SilentlyContinue
if ($?) {
    Write-Host "INFO: Wazuh SERVICE already installed. Reinstalling."
}

# Optionally ask the operator for the agent name instead of using the default.
if ($prompt_agent_name) {
    $agent_name = AgentName
}
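# Download the Wazuh agent installer and verify it against the pinned digest.
Write-Host "Downloading Wazuh Agent installer."

# Older .NET defaults may not offer TLS 1.2; add it to whatever is already enabled.
try {
    [Net.ServicePointManager]::SecurityProtocol = [Net.ServicePointManager]::SecurityProtocol -bor [Net.SecurityProtocolType]::Tls12
} catch {
    Write-Host "WARNING: could not enable TLS 1.2: $($_.Exception.Message)"
}

$downloader = New-Object System.Net.WebClient
try {
    # DownloadFile returns nothing, so there is no result to keep.
    $downloader.DownloadFile($installer_url, $Wazuh_msi)
} catch {
    # Keep going: the checks below decide whether a usable file is on disk.
    Write-Host "Wazuh Installer download failed: $($_.Exception.Message)"
} finally {
    $downloader.Dispose()
}

# Verifying installer checksum.
# NOTE(review): MD5 only guards against corruption and casual tampering. Pin a
# vendor-published SHA-256 for this exact version when one is available, and consider
# checking the MSI's Authenticode signature before installing.
if (Test-Path -LiteralPath $Wazuh_msi) {
    $md5 = New-Object -TypeName System.Security.Cryptography.MD5CryptoServiceProvider
    # Hash from a stream instead of loading the whole installer into memory.
    $stream = [System.IO.File]::OpenRead($Wazuh_msi)
    try {
        $hash = [System.BitConverter]::ToString($md5.ComputeHash($stream)) -replace '-', ''
    } finally {
        $stream.Close()
        $md5.Clear()
    }

    # Hex digests are compared case-insensitively (the pinned value is upper case).
    if ($hash -ine $installer_md5) {
        # Do not leave an unverified installer in the working directory.
        Remove-Item -LiteralPath $Wazuh_msi -Force -ErrorAction SilentlyContinue
        Write-Host "Wazuh Installer bad checksum, please try again."
        Exit 1
    }
    Write-Host "Wazuh Installer downloaded correctly, saved in $Wazuh_msi."
} else {
    Write-Host "Wazuh Installer not downloaded, please try again."
    Exit 1
}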
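# Generate installation path.
# The default is only computed when -app_folder was not supplied; the original
# overwrote the parameter unconditionally, silently discarding the caller's value.
# NOTE(review): $app_folder is not passed to the installer anywhere in the visible script.
if ([string]::IsNullOrEmpty($app_folder)) {
    if (${env:ProgramFiles(x86)} -ne $null) {
        # 64-bit Windows: use the 32-bit Program Files directory.
        $app_folder = ${env:ProgramFiles(x86)} + "\ossec-agent\"
    } else {
        $app_folder = $env:ProgramFiles + "\ossec-agent\"
    }
}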
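# Build the msiexec command line, run the installer, and check its result.

# Each value below is wrapped in double quotes on the msiexec command line. A value
# that itself contains a double quote would end its property early and could append
# further installer properties, so such values are refused.
$quoted_values = @{
    address     = $address
    auth_server = $auth_server
    agent_name  = $agent_name
    group       = $group
}
foreach ($key in $quoted_values.Keys) {
    if ("$($quoted_values[$key])".Contains('"')) {
        Write-Host "Invalid -$key value: double quotes are not allowed."
        Exit 1
    }
}

# Filling up MSI installer arguments.
# The MSI path is quoted so a working directory containing spaces does not split it.
$all_args = @(
    "/i `"$Wazuh_msi`""
    "/q"
    "ADDRESS=`"$address`""
    "AUTHD_SERVER=`"$auth_server`""
    "AGENT_NAME=`"$agent_name`""
    "GROUP=`"$group`""
)

# Installing and registering Wazuh Agent
if (Test-Path -LiteralPath "$Wazuh_msi") {
    # NOTE(review): this echoes the full argument list; if a registration password is
    # ever added to $all_args it would be printed here.
    Write-Host "executing command as: $all_args"
    $install = Start-Process "msiexec.exe" -ArgumentList $all_args -Wait -PassThru
    # 0 = success; 1641 and 3010 = success with a reboot initiated or required.
    if (@(0, 1641, 3010) -notcontains $install.ExitCode) {
        Write-Host "Wazuh Installer failed: msiexec exit code $($install.ExitCode)."
        Exit $install.ExitCode
    }
} else {
    # Fixed: the message interpolated the undefined variable $run.
    Write-Host "Wazuh Executable does not exist: $Wazuh_msi"
    Exit 1001
}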
# Give the installer a moment to settle, then restart the agent service if it exists.
# Lookup and restart errors are silenced, so the closing message is printed whether
# or not the restart actually succeeded.
Write-Host "Restarting agent... "
Start-Sleep -Seconds 5
$agent_service = Get-Service -Name $Wazuh_service -ErrorAction SilentlyContinue
if ($agent_service) {
    $agent_service | Restart-Service -ErrorAction SilentlyContinue
}
Write-Host "Wazuh Agent has been registered and installed"