wazuh-kibana-app/server/initialize.js

const needle = require('needle');

// Colors for console logging 
const colors    = require('ansicolors');
const blueWazuh = colors.blue('wazuh');

const OBJECTS_FILE = 'integration_files/objects_file.json';

module.exports = (server, options) => {

	// Elastic JS Client
	const elasticRequest = server.plugins.elasticsearch.getCluster('data');

	//const uiSettings = server.uiSettings();

	// Initialize variables
	let index_pattern = "wazuh-alerts-*";

	// External files template or objects


	// Initialize objects
	let objects     = {};
	let packageJSON =  {};

	// Read config from package JSON
	try {
		packageJSON = require('../package.json');
	} catch (e) {
		server.log([blueWazuh, 'initialize', 'error'], 'Could not read the Wazuh package file.');
	}

	// Save Wazuh App first set up for future executions
	const saveConfiguration = function (type) {
		let configuration = {
			"name": "Wazuh App",
			"app-version": packageJSON.version,
			"revision": packageJSON.revision,
			"installationDate": new Date().toISOString()
		};

		if (type == "install") {
			elasticRequest.callWithInternalUser('create', {
				index: ".wazuh-version",
				type: 'wazuh-version',
				id: 1,
				body: configuration
			}).then(
				function () {
					server.log([blueWazuh, 'initialize', 'info'], 'Wazuh configuration inserted');
				},
				function () {
					server.log([blueWazuh, 'initialize', 'error'], 'Could not insert Wazuh configuration');
				}
			);
		}
	};

	// Importing Wazuh built-in visualizations and dashboards
	const importObjects = function (id) {
		server.log([blueWazuh, 'initialize', 'info'], 'Importing objects (Searches, visualizations and dashboards) into Elasticsearch...');

		try {
			objects = require(OBJECTS_FILE);
		} catch (e) {
			server.log([blueWazuh, 'initialize', 'error'], 'Could not read the objects file.');
			server.log([blueWazuh, 'initialize', 'error'], 'Path: ' + OBJECTS_FILE);
			server.log([blueWazuh, 'initialize', 'error'], 'Exception: ' + e);
		}

		var body = '';
		objects.forEach(function (element) {
			body += '{ "index":  { "_index": ".kibana", "_type": "doc", "_id": "' + element._type + ':' + element._id + '" } }\n';
			var temp = {}
			var aux = JSON.stringify(element._source);
			aux = aux.replace("wazuh-alerts", id);
			aux = JSON.parse(aux);
			temp[element._type] = aux;
			if (temp[element._type].kibanaSavedObjectMeta.searchSourceJSON.index) temp[element._type].kibanaSavedObjectMeta.searchSourceJSON.index = id;
			temp["type"] = element._type;
			body += JSON.stringify(temp) + "\n";
		});
		elasticRequest.callWithInternalUser('bulk', {
			index: '.kibana',
			body: body
		}).then(function () {
			elasticRequest.callWithInternalUser('indices.refresh', {
				index: ['.kibana', index_pattern]
			});
			server.log([blueWazuh, 'initialize', 'info'], 'Templates, mappings, index patterns, visualizations, searches and dashboards were successfully installed. App ready to be used.');
		}, function (err) {
			server.log([blueWazuh, 'server', 'error'], 'Error importing objects into elasticsearch. Bulk request failed.');
		});
	};

	// Setting default index pattern
	const setDefaultKibanaSettings = function (id) {
		server.log([blueWazuh, 'initialize', 'info'], 'Setting Kibana default values: Index pattern, time picker and metaFields...');

		// Call the internal API and wait for the response
		var options = {
			headers: {
				'kbn-version': packageJSON.kibana.version
			},
			json: true
		}

		var body = {
			"value": id
		}

		needle('post', 'http://localhost:' + server.info.port + '/api/kibana/settings/defaultIndex', body, options).then(function (resp) {
			server.log([blueWazuh, 'initialize', 'info'], 'Wazuh index-pattern successfully set to default.');
		}).catch(function (err) {
			server.log([blueWazuh, 'error'], 'Could not default Wazuh index-pattern.');
		});
	};

	// Create index pattern
	const createIndexPattern = function () {
		server.log([blueWazuh, 'initialize', 'info'], 'Creating index pattern: ' + index_pattern);

		// Call the internal API and wait for the response
		var options = {
			headers: {
				'kbn-version': packageJSON.kibana.version
			},
			json: true
		}

		var body = {
			attributes: {
				title: index_pattern,
				timeFieldName: '@timestamp'
			}
		};

		needle('post', 'http://localhost:' + server.info.port + '/api/saved_objects/index-pattern', body, options).then(function (resp) {
			server.log([blueWazuh, 'initialize', 'info'], 'Successfully created index-pattern.');
			// Set the index-pattern as default in the Kibana configuration
			setDefaultKibanaSettings(resp.body.id);
			// Import objects (dashboards and visualizations) CAREFUL HERE, WE HAVE TO MANAGE SUCESIVE APP INITIATIONS!!!
			importObjects(resp.body.id);
		}).catch(function (err) {
			server.log([blueWazuh, 'initialize', 'error'], 'Error creating index-pattern.');
		});
	};

	// Configure Kibana status: Index pattern, default index pattern, default time, import dashboards.
	const configureKibana = function (type) {
		if (type == "install") {
			// Create Index Pattern > Set it as default > Set default time
			elasticRequest.callWithInternalUser('search', {
				index: '.kibana',
				type: 'index-pattern',
				q: 'title:"wazuh-alerts-*"'
			}).then(
				function (data) {
					if (data.hits.total >= 1) {
						server.log([blueWazuh, 'initialize', 'info'], 'Skipping index-pattern creation. Already exists.');
					} else {
						createIndexPattern();
					}
				},
				function (error) {
					server.log([blueWazuh, 'initialize', 'error'], 'Could not reach elasticsearch.');
				});
		}
		// Save Setup Info
		saveConfiguration(type);
	};

	// Init function. Check for "wazuh-version" document existance.
	const init = function () {
		elasticRequest.callWithInternalUser('indices.exists', {
			index: '.wazuh'
		}).then(
			function (result) {
				if (!result) {
					elasticRequest.callWithInternalUser('indices.create', {
						index: '.wazuh'
					}).then(
						function () {
							server.log([blueWazuh, 'initialize', 'info'], 'Index .wazuh created.');
						},
						function () {
							server.log([blueWazuh, 'initialize', 'error'], 'Error creating index .wazuh.');
						});
				}
			},
			function () {
				server.log([blueWazuh, 'initialize', 'error'], 'Could not check if the index .wazuh exists.');
			});
		elasticRequest.callWithInternalUser('get', {
			index: ".wazuh-version",
			type: "wazuh-version",
			id: "1"
		}).then(
			function (data) {
				server.log([blueWazuh, 'initialize', 'info'], 'Wazuh-configuration document already exists. Nothing to be done.');
			},
			function (data) {
				server.log([blueWazuh, 'initialize', 'info'], 'Wazuh-configuration document does not exist. Initializating configuration...');
				configureKibana("install");
			}
		);
	};

	// Wait until Kibana index is created / loaded and initialize Wazuh App
	const checkKibanaIndex = () => {
		elasticRequest
		.callWithInternalUser('exists', {
			index: ".kibana",
			id:    packageJSON.kibana.version,
			type:  "config"
		})
		.then((data) => server.plugins.elasticsearch.waitUntilReady())
		.then(() => init())
		.catch((error) => {
			server.log([blueWazuh, 'initialize', 'info'], 
						'Waiting index ".kibana" to be created and prepared....');
			setTimeout(() => checkKibanaIndex(), 3000);
		});
	};

	// Check Kibana index and if it is prepared, start the initialization of Wazuh App.
	checkKibanaIndex();
};
Fix wrong promises chaining 2017-10-27 09:07:38 +00:00			`const needle = require('needle');`

			`// Colors for console logging`
			`const colors = require('ansicolors');`
			`const blueWazuh = colors.blue('wazuh');`

			`const OBJECTS_FILE = 'integration_files/objects_file.json';`

			`module.exports = (server, options) => {`

Fixes because 5.2.0 Kibana upgrade. Friendly URLs done. 2017-02-01 21:06:05 +00:00			`// Elastic JS Client`
Elasticsearch JS migrated to internal Kibana callWithRequest/callWithInternalUser 2017-03-31 17:34:08 +00:00			`const elasticRequest = server.plugins.elasticsearch.getCluster('data');`
Fixes, adapt to Kibana version 5.1.1 2016-12-13 15:32:35 +00:00
Fix wrong promises chaining 2017-10-27 09:07:38 +00:00			`//const uiSettings = server.uiSettings();`
Fixes, adapt to Kibana version 5.1.1 2016-12-13 15:32:35 +00:00
Initialize.js encoding win to unix 2016-12-05 16:59:53 +00:00			`// Initialize variables`
Fix wrong promises chaining 2017-10-27 09:07:38 +00:00			`let index_pattern = "wazuh-alerts-*";`
Fixed relative paths for loading objects 2016-12-15 12:07:06 +00:00
Rework to Manager: Status. Agents cards updated 2017-01-25 20:33:44 +00:00			`// External files template or objects`
Fix wrong promises chaining 2017-10-27 09:07:38 +00:00
Fixed relative paths for loading objects 2016-12-15 12:07:06 +00:00
Rework to Manager: Status. Agents cards updated 2017-01-25 20:33:44 +00:00			`// Initialize objects`
Fix wrong promises chaining 2017-10-27 09:07:38 +00:00			`let objects = {};`
			`let packageJSON = {};`
Fixes, adapt to Kibana version 5.1.1 2016-12-13 15:32:35 +00:00
Rework to Manager: Status. Agents cards updated 2017-01-25 20:33:44 +00:00			`// Read config from package JSON`
Mayor fixes to backend 2017-09-29 05:26:18 +00:00			`try {`
Fix wrong promises chaining 2017-10-27 09:07:38 +00:00			`packageJSON = require('../package.json');`
			`} catch (e) {`
			`server.log([blueWazuh, 'initialize', 'error'], 'Could not read the Wazuh package file.');`
			`}`
Mayor fixes to backend 2017-09-29 05:26:18 +00:00
			`// Save Wazuh App first set up for future executions`
Fix wrong promises chaining 2017-10-27 09:07:38 +00:00			`const saveConfiguration = function (type) {`
			`let configuration = {`
			`"name": "Wazuh App",`
			`"app-version": packageJSON.version,`
			`"revision": packageJSON.revision,`
			`"installationDate": new Date().toISOString()`
			`};`

			`if (type == "install") {`
			`elasticRequest.callWithInternalUser('create', {`
			`index: ".wazuh-version",`
			`type: 'wazuh-version',`
			`id: 1,`
			`body: configuration`
			`}).then(`
Settings new tabs. Revision version added. Wazuh monitoring index pattern pushed. 2017-02-14 12:37:51 +00:00			`function () {`
Mayor fixes to backend 2017-09-29 05:26:18 +00:00			`server.log([blueWazuh, 'initialize', 'info'], 'Wazuh configuration inserted');`
Fix wrong promises chaining 2017-10-27 09:07:38 +00:00			`},`
			`function () {`
Mayor fixes to backend 2017-09-29 05:26:18 +00:00			`server.log([blueWazuh, 'initialize', 'error'], 'Could not insert Wazuh configuration');`
Fixing backend for Kibana 6.0.0. In progress 2017-10-11 06:45:57 +00:00			`}`
			`);`
Importing configuration from .kibana index and using .wazuh index 2017-07-22 09:45:58 +00:00			`}`
Fix wrong promises chaining 2017-10-27 09:07:38 +00:00			`};`

Fixing backend for Kibana 6.0.0. In progress 2017-10-11 06:45:57 +00:00			`// Importing Wazuh built-in visualizations and dashboards`
Fix wrong promises chaining 2017-10-27 09:07:38 +00:00			`const importObjects = function (id) {`
Increase Kibana version to match latest 2017-05-09 09:44:46 +00:00			`server.log([blueWazuh, 'initialize', 'info'], 'Importing objects (Searches, visualizations and dashboards) into Elasticsearch...');`
Mayor fixes to backend 2017-09-29 05:26:18 +00:00
Increase Kibana version to match latest 2017-05-09 09:44:46 +00:00			`try {`
Fix wrong promises chaining 2017-10-27 09:07:38 +00:00			`objects = require(OBJECTS_FILE);`
Increase Kibana version to match latest 2017-05-09 09:44:46 +00:00			`} catch (e) {`
			`server.log([blueWazuh, 'initialize', 'error'], 'Could not read the objects file.');`
			`server.log([blueWazuh, 'initialize', 'error'], 'Path: ' + OBJECTS_FILE);`
			`server.log([blueWazuh, 'initialize', 'error'], 'Exception: ' + e);`
			`}`
Settings new tabs. Revision version added. Wazuh monitoring index pattern pushed. 2017-02-14 12:37:51 +00:00
Increase Kibana version to match latest 2017-05-09 09:44:46 +00:00			`var body = '';`
			`objects.forEach(function (element) {`
Fix wrong promises chaining 2017-10-27 09:07:38 +00:00			`body += '{ "index": { "_index": ".kibana", "_type": "doc", "_id": "' + element._type + ':' + element._id + '" } }\n';`
Loading visualizations and dashboards in Kibana 6.0.0 2017-10-26 03:29:43 +00:00			`var temp = {}`
			`var aux = JSON.stringify(element._source);`
			`aux = aux.replace("wazuh-alerts", id);`
			`aux = JSON.parse(aux);`
			`temp[element._type] = aux;`
			`if (temp[element._type].kibanaSavedObjectMeta.searchSourceJSON.index) temp[element._type].kibanaSavedObjectMeta.searchSourceJSON.index = id;`
			`temp["type"] = element._type;`
			`body += JSON.stringify(temp) + "\n";`
Increase Kibana version to match latest 2017-05-09 09:44:46 +00:00			`});`
Fix wrong promises chaining 2017-10-27 09:07:38 +00:00			`elasticRequest.callWithInternalUser('bulk', {`
Increase Kibana version to match latest 2017-05-09 09:44:46 +00:00			`index: '.kibana',`
			`body: body`
			`}).then(function () {`
Fix wrong promises chaining 2017-10-27 09:07:38 +00:00			`elasticRequest.callWithInternalUser('indices.refresh', {`
			`index: ['.kibana', index_pattern]`
			`});`
Increase Kibana version to match latest 2017-05-09 09:44:46 +00:00			`server.log([blueWazuh, 'initialize', 'info'], 'Templates, mappings, index patterns, visualizations, searches and dashboards were successfully installed. App ready to be used.');`
			`}, function (err) {`
			`server.log([blueWazuh, 'server', 'error'], 'Error importing objects into elasticsearch. Bulk request failed.');`
			`});`
Fix wrong promises chaining 2017-10-27 09:07:38 +00:00			`};`
Initialize.js encoding win to unix 2016-12-05 16:59:53 +00:00
Mayor fixes to backend 2017-09-29 05:26:18 +00:00			`// Setting default index pattern`
Fix wrong promises chaining 2017-10-27 09:07:38 +00:00			`const setDefaultKibanaSettings = function (id) {`
			`server.log([blueWazuh, 'initialize', 'info'], 'Setting Kibana default values: Index pattern, time picker and metaFields...');`

Fixing backend for Kibana 6.0.0. In progress 2017-10-11 06:45:57 +00:00			`// Call the internal API and wait for the response`
Fix wrong promises chaining 2017-10-27 09:07:38 +00:00			`var options = {`
			`headers: {`
			`'kbn-version': packageJSON.kibana.version`
			`},`
			`json: true`
			`}`
Mayor fixes to backend 2017-09-29 05:26:18 +00:00
Fix wrong promises chaining 2017-10-27 09:07:38 +00:00			`var body = {`
			`"value": id`
			`}`
Mayor fixes to backend 2017-09-29 05:26:18 +00:00
Fix wrong promises chaining 2017-10-27 09:07:38 +00:00			`needle('post', 'http://localhost:' + server.info.port + '/api/kibana/settings/defaultIndex', body, options).then(function (resp) {`
Fixing index-pattern check to fit Kibana new internal structure 2017-10-03 06:37:18 +00:00			`server.log([blueWazuh, 'initialize', 'info'], 'Wazuh index-pattern successfully set to default.');`
Fix wrong promises chaining 2017-10-27 09:07:38 +00:00			`}).catch(function (err) {`
Mayor fixes to backend 2017-09-29 05:26:18 +00:00			`server.log([blueWazuh, 'error'], 'Could not default Wazuh index-pattern.');`
			`});`
Fix wrong promises chaining 2017-10-27 09:07:38 +00:00			`};`
Mayor fixes to backend 2017-09-29 05:26:18 +00:00
			`// Create index pattern`
Fix wrong promises chaining 2017-10-27 09:07:38 +00:00			`const createIndexPattern = function () {`
			`server.log([blueWazuh, 'initialize', 'info'], 'Creating index pattern: ' + index_pattern);`
Mayor fixes to backend 2017-09-29 05:26:18 +00:00
Fixing backend for Kibana 6.0.0. In progress 2017-10-11 06:45:57 +00:00			`// Call the internal API and wait for the response`
Fix wrong promises chaining 2017-10-27 09:07:38 +00:00			`var options = {`
			`headers: {`
			`'kbn-version': packageJSON.kibana.version`
			`},`
			`json: true`
			`}`
Mayor fixes to backend 2017-09-29 05:26:18 +00:00
Fix wrong promises chaining 2017-10-27 09:07:38 +00:00			`var body = {`
			`attributes: {`
			`title: index_pattern,`
			`timeFieldName: '@timestamp'`
			`}`
			`};`
Mayor fixes to backend 2017-09-29 05:26:18 +00:00
Fix wrong promises chaining 2017-10-27 09:07:38 +00:00			`needle('post', 'http://localhost:' + server.info.port + '/api/saved_objects/index-pattern', body, options).then(function (resp) {`
Fixing index-pattern check to fit Kibana new internal structure 2017-10-03 06:37:18 +00:00			`server.log([blueWazuh, 'initialize', 'info'], 'Successfully created index-pattern.');`
Fixing backend for Kibana 6.0.0. In progress 2017-10-11 06:45:57 +00:00			`// Set the index-pattern as default in the Kibana configuration`
Mayor fixes to backend 2017-09-29 05:26:18 +00:00			`setDefaultKibanaSettings(resp.body.id);`
Loading visualizations and dashboards in Kibana 6.0.0 2017-10-26 03:29:43 +00:00			`// Import objects (dashboards and visualizations) CAREFUL HERE, WE HAVE TO MANAGE SUCESIVE APP INITIATIONS!!!`
			`importObjects(resp.body.id);`
Fix wrong promises chaining 2017-10-27 09:07:38 +00:00			`}).catch(function (err) {`
Fixing backend for Kibana 6.0.0. In progress 2017-10-11 06:45:57 +00:00			`server.log([blueWazuh, 'initialize', 'error'], 'Error creating index-pattern.');`
Mayor fixes to backend 2017-09-29 05:26:18 +00:00			`});`
Fix wrong promises chaining 2017-10-27 09:07:38 +00:00			`};`
Mayor fixes to backend 2017-09-29 05:26:18 +00:00
			`// Configure Kibana status: Index pattern, default index pattern, default time, import dashboards.`
Fix wrong promises chaining 2017-10-27 09:07:38 +00:00			`const configureKibana = function (type) {`
			`if (type == "install") {`
Mayor fixes to backend 2017-09-29 05:26:18 +00:00			`// Create Index Pattern > Set it as default > Set default time`
Fix wrong promises chaining 2017-10-27 09:07:38 +00:00			`elasticRequest.callWithInternalUser('search', {`
			`index: '.kibana',`
			`type: 'index-pattern',`
			`q: 'title:"wazuh-alerts-*"'`
			`}).then(`
Mayor fixes to backend 2017-09-29 05:26:18 +00:00			`function (data) {`
Fixing backend for Kibana 6.0.0. In progress 2017-10-11 06:45:57 +00:00			`if (data.hits.total >= 1) {`
Fixing index-pattern check to fit Kibana new internal structure 2017-10-03 06:37:18 +00:00			`server.log([blueWazuh, 'initialize', 'info'], 'Skipping index-pattern creation. Already exists.');`
Mayor fixes to backend 2017-09-29 05:26:18 +00:00			`} else {`
			`createIndexPattern();`
			`}`
Fix wrong promises chaining 2017-10-27 09:07:38 +00:00			`},`
			`function (error) {`
Fixing backend for Kibana 6.0.0. In progress 2017-10-11 06:45:57 +00:00			`server.log([blueWazuh, 'initialize', 'error'], 'Could not reach elasticsearch.');`
Fix wrong promises chaining 2017-10-27 09:07:38 +00:00			`});`
Mayor fixes to backend 2017-09-29 05:26:18 +00:00			`}`
			`// Save Setup Info`
			`saveConfiguration(type);`
Fix wrong promises chaining 2017-10-27 09:07:38 +00:00			`};`
Mayor fixes to backend 2017-09-29 05:26:18 +00:00
Fixing backend for Kibana 6.0.0. In progress 2017-10-11 06:45:57 +00:00			`// Init function. Check for "wazuh-version" document existance.`
Fix wrong promises chaining 2017-10-27 09:07:38 +00:00			`const init = function () {`
			`elasticRequest.callWithInternalUser('indices.exists', {`
			`index: '.wazuh'`
			`}).then(`
			`function (result) {`
			`if (!result) {`
			`elasticRequest.callWithInternalUser('indices.create', {`
			`index: '.wazuh'`
			`}).then(`
			`function () {`
			`server.log([blueWazuh, 'initialize', 'info'], 'Index .wazuh created.');`
			`},`
			`function () {`
			`server.log([blueWazuh, 'initialize', 'error'], 'Error creating index .wazuh.');`
			`});`
			`}`
			`},`
			`function () {`
			`server.log([blueWazuh, 'initialize', 'error'], 'Could not check if the index .wazuh exists.');`
			`});`
			`elasticRequest.callWithInternalUser('get', {`
			`index: ".wazuh-version",`
			`type: "wazuh-version",`
			`id: "1"`
			`}).then(`
Hide metafields. Active waiting for Kibana/Elastic to be ready 2017-02-24 19:53:28 +00:00			`function (data) {`
Fix wrong promises chaining 2017-10-27 09:07:38 +00:00			`server.log([blueWazuh, 'initialize', 'info'], 'Wazuh-configuration document already exists. Nothing to be done.');`
			`},`
			`function (data) {`
			`server.log([blueWazuh, 'initialize', 'info'], 'Wazuh-configuration document does not exist. Initializating configuration...');`
			`configureKibana("install");`
Hide metafields. Active waiting for Kibana/Elastic to be ready 2017-02-24 19:53:28 +00:00			`}`
			`);`
Fix wrong promises chaining 2017-10-27 09:07:38 +00:00			`};`

			`// Wait until Kibana index is created / loaded and initialize Wazuh App`
			`const checkKibanaIndex = () => {`
			`elasticRequest`
			`.callWithInternalUser('exists', {`
			`index: ".kibana",`
			`id: packageJSON.kibana.version,`
			`type: "config"`
			`})`
			`.then((data) => server.plugins.elasticsearch.waitUntilReady())`
			`.then(() => init())`
			`.catch((error) => {`
			`server.log([blueWazuh, 'initialize', 'info'],`
			`'Waiting index ".kibana" to be created and prepared....');`
			`setTimeout(() => checkKibanaIndex(), 3000);`
			`});`
			`};`

Fixing backend for Kibana 6.0.0. In progress 2017-10-11 06:45:57 +00:00			`// Check Kibana index and if it is prepared, start the initialization of Wazuh App.`
Hide metafields. Active waiting for Kibana/Elastic to be ready 2017-02-24 19:53:28 +00:00			`checkKibanaIndex();`
Fix wrong promises chaining 2017-10-27 09:07:38 +00:00			`};`