valitydev/wazuh-kibana-app
14
0
Fork 0
mirror of https://github.com/valitydev/wazuh-kibana-app.git synced 2024-11-06 09:55:18 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Using recently added api-helper module

Browse Source
This commit is contained in:
Jesús Ángel 2018-12-13 12:30:28 +01:00
parent f41f91c28e
commit 01d08d6fb4
1 changed files with 68 additions and 158 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

226
server/controllers/wazuh-api.js
View File

@ -16,7 +16,6 @@ import { pciRequirementsFile } from '../integration-files/pci-requirements';
import { gdprRequirementsFile } from '../integration-files/gdpr-requirements'; import { gdprRequirementsFile } from '../integration-files/gdpr-requirements';
import { ElasticWrapper } from '../lib/elastic-wrapper'; import { ElasticWrapper } from '../lib/elastic-wrapper';
import { getPath } from '../../util/get-path'; import { getPath } from '../../util/get-path';
import packageInfo from '../../package.json';
import { Monitoring } from '../monitoring'; import { Monitoring } from '../monitoring';
import { ErrorResponse } from './error-response'; import { ErrorResponse } from './error-response';
import { Parser } from 'json2csv'; import { Parser } from 'json2csv';
@ -25,6 +24,7 @@ import { log } from '../logger';
import { KeyEquivalenece } from '../../util/csv-key-equivalence'; import { KeyEquivalenece } from '../../util/csv-key-equivalence';
import { cleanKeys } from '../../util/remove-key'; import { cleanKeys } from '../../util/remove-key';
import { apiRequestList } from '../../util/api-request-list'; import { apiRequestList } from '../../util/api-request-list';
import * as ApiHelper from '../lib/api-helper';
export class WazuhApiCtrl { export class WazuhApiCtrl {
/** /**
@ -33,7 +33,7 @@ export class WazuhApiCtrl {
*/ */
constructor(server) { constructor(server) {
this.wzWrapper = new ElasticWrapper(server); this.wzWrapper = new ElasticWrapper(server);
this.monitoringInstance = new Monitoring(server); this.monitoringInstance = new Monitoring(server, true);
} }
/** /**
@ -45,27 +45,20 @@ export class WazuhApiCtrl {
async checkStoredAPI(req, reply) { async checkStoredAPI(req, reply) {
try { try {
// Get config from elasticsearch // Get config from elasticsearch
const wapi_config = await this.wzWrapper.getWazuhConfigurationById( const api = await this.wzWrapper.getWazuhConfigurationById(req.payload);
req.payload if (api.error_code > 1) {
);
if (wapi_config.error_code > 1) {
throw new Error(`Could not find Wazuh API entry on Elasticsearch.`); throw new Error(`Could not find Wazuh API entry on Elasticsearch.`);
} else if (wapi_config.error_code > 0) { } else if (api.error_code > 0) {
throw new Error( throw new Error(
'Valid credentials not found in Elasticsearch. It seems the credentials were not saved.' 'Valid credentials not found in Elasticsearch. It seems the credentials were not saved.'
); );
} }
const credInfo = {
headers: { const credInfo = ApiHelper.buildOptionsObject(api);
'wazuh-app-version': packageInfo.version
},
username: wapi_config.user,
password: wapi_config.password,
rejectUnauthorized: !wapi_config.insecure
};
let response = await needle( let response = await needle(
'get', 'get',
`${wapi_config.url}:${wapi_config.port}/version`, `${api.url}:${api.port}/version`,
{}, {},
credInfo credInfo
); );
@ -74,7 +67,7 @@ export class WazuhApiCtrl {
// Checking the cluster status // Checking the cluster status
response = await needle( response = await needle(
'get', 'get',
`${wapi_config.url}:${wapi_config.port}/cluster/status`, `${api.url}:${api.port}/cluster/status`,
{}, {},
credInfo credInfo
); );
@ -83,14 +76,14 @@ export class WazuhApiCtrl {
try { try {
const managerInfo = await needle( const managerInfo = await needle(
'get', 'get',
`${wapi_config.url}:${wapi_config.port}/agents/000`, `${api.url}:${api.port}/agents/000`,
{}, {},
credInfo credInfo
); );
const updatedManagerName = managerInfo.body.data.name; const updatedManagerName = managerInfo.body.data.name;
wapi_config.cluster_info.manager = updatedManagerName; api.cluster_info.manager = updatedManagerName;
await this.wzWrapper.updateWazuhIndexDocument(null, req.payload, { await this.wzWrapper.updateWazuhIndexDocument(null, req.payload, {
doc: { cluster_info: wapi_config.cluster_info } doc: { cluster_info: api.cluster_info }
}); });
} catch (error) { } catch (error) {
log( log(
@ -103,23 +96,23 @@ export class WazuhApiCtrl {
if (response.body.data.enabled === 'yes') { if (response.body.data.enabled === 'yes') {
response = await needle( response = await needle(
'get', 'get',
`${wapi_config.url}:${wapi_config.port}/cluster/node`, `${api.url}:${api.port}/cluster/node`,
{}, {},
credInfo credInfo
); );
if (!response.body.error) { if (!response.body.error) {
let managerName = wapi_config.cluster_info.manager; let managerName = api.cluster_info.manager;
delete wapi_config.cluster_info; delete api.cluster_info;
wapi_config.cluster_info = {}; api.cluster_info = {};
wapi_config.cluster_info.status = 'enabled'; api.cluster_info.status = 'enabled';
wapi_config.cluster_info.manager = managerName; api.cluster_info.manager = managerName;
wapi_config.cluster_info.node = response.body.data.node; api.cluster_info.node = response.body.data.node;
wapi_config.cluster_info.cluster = response.body.data.cluster; api.cluster_info.cluster = response.body.data.cluster;
wapi_config.password = '****'; api.password = '****';
return reply({ return reply({
statusCode: 200, statusCode: 200,
data: wapi_config, data: api,
idChanged: req.idChanged || null idChanged: req.idChanged || null
}); });
} else if (response.body.error) { } else if (response.body.error) {
@ -132,17 +125,17 @@ export class WazuhApiCtrl {
} }
} else { } else {
// Cluster mode is not active // Cluster mode is not active
let managerName = wapi_config.cluster_info.manager; let managerName = api.cluster_info.manager;
delete wapi_config.cluster_info; delete api.cluster_info;
wapi_config.cluster_info = {}; api.cluster_info = {};
wapi_config.cluster_info.status = 'disabled'; api.cluster_info.status = 'disabled';
wapi_config.cluster_info.cluster = 'Disabled'; api.cluster_info.cluster = 'Disabled';
wapi_config.cluster_info.manager = managerName; api.cluster_info.manager = managerName;
wapi_config.password = '****'; api.password = '****';
return reply({ return reply({
statusCode: 200, statusCode: 200,
data: wapi_config, data: api,
idChanged: req.idChanged || null idChanged: req.idChanged || null
}); });
} }
@ -164,9 +157,7 @@ export class WazuhApiCtrl {
throw new Error(response.body.message); throw new Error(response.body.message);
} }
throw new Error( throw new Error(`${api.url}:${api.port}/version is unreachable`);
`${wapi_config.url}:${wapi_config.port}/version is unreachable`
);
} }
} catch (error) { } catch (error) {
if (error.code === 'ECONNREFUSED') { if (error.code === 'ECONNREFUSED') {
@ -187,21 +178,18 @@ export class WazuhApiCtrl {
const apis = await this.wzWrapper.getWazuhAPIEntries(); const apis = await this.wzWrapper.getWazuhAPIEntries();
for (const api of apis.hits.hits) { for (const api of apis.hits.hits) {
try { try {
const options = ApiHelper.buildOptionsObject(api);
options.password = Buffer.from(
api._source.api_password,
'base64'
).toString('ascii');
const response = await needle( const response = await needle(
'get', 'get',
`${api._source.url}:${api._source.api_port}/version`, `${api._source.url}:${api._source.api_port}/version`,
{}, {},
{ options
headers: {
'wazuh-app-version': packageInfo.version
},
username: api._source.api_user,
password: Buffer.from(
api._source.api_password,
'base64'
).toString('ascii'),
rejectUnauthorized: !api._source.insecure
}
); );
if ( if (
response && response &&
@ -294,14 +282,7 @@ export class WazuhApiCtrl {
'get', 'get',
`${apiAvailable.url}:${apiAvailable.port}/version`, `${apiAvailable.url}:${apiAvailable.port}/version`,
{}, {},
{ ApiHelper.buildOptionsObject(apiAvailable)
headers: {
'wazuh-app-version': packageInfo.version
},
username: apiAvailable.user,
password: apiAvailable.password,
rejectUnauthorized: !apiAvailable.insecure
}
); );
// Check wrong credentials // Check wrong credentials
@ -314,14 +295,7 @@ export class WazuhApiCtrl {
'get', 'get',
`${apiAvailable.url}:${apiAvailable.port}/agents/000`, `${apiAvailable.url}:${apiAvailable.port}/agents/000`,
{}, {},
{ ApiHelper.buildOptionsObject(apiAvailable)
headers: {
'wazuh-app-version': packageInfo.version
},
username: apiAvailable.user,
password: apiAvailable.password,
rejectUnauthorized: !apiAvailable.insecure
}
); );
if (!response.body.error) { if (!response.body.error) {
@ -331,15 +305,7 @@ export class WazuhApiCtrl {
'get', 'get',
`${apiAvailable.url}:${apiAvailable.port}/cluster/status`, `${apiAvailable.url}:${apiAvailable.port}/cluster/status`,
{}, {},
{ ApiHelper.buildOptionsObject(apiAvailable)
// Checking the cluster status
headers: {
'wazuh-app-version': packageInfo.version
},
username: apiAvailable.user,
password: apiAvailable.password,
rejectUnauthorized: !apiAvailable.insecure
}
); );
if (!response.body.error) { if (!response.body.error) {
@ -349,14 +315,7 @@ export class WazuhApiCtrl {
'get', 'get',
`${apiAvailable.url}:${apiAvailable.port}/cluster/node`, `${apiAvailable.url}:${apiAvailable.port}/cluster/node`,
{}, {},
{ ApiHelper.buildOptionsObject(apiAvailable)
headers: {
'wazuh-app-version': packageInfo.version
},
username: apiAvailable.user,
password: apiAvailable.password,
rejectUnauthorized: !apiAvailable.insecure
}
); );
if (!response.body.error) { if (!response.body.error) {
@ -404,11 +363,11 @@ export class WazuhApiCtrl {
if (!req.headers.id) { if (!req.headers.id) {
return reply(pciRequirementsFile); return reply(pciRequirementsFile);
} }
let wapi_config = await this.wzWrapper.getWazuhConfigurationById( let api = await this.wzWrapper.getWazuhConfigurationById(
req.headers.id req.headers.id
); );
if (wapi_config.error_code > 1) { if (api.error_code > 1) {
// Can not connect to elasticsearch // Can not connect to elasticsearch
return ErrorResponse( return ErrorResponse(
'Elasticsearch unexpected error or cannot connect', 'Elasticsearch unexpected error or cannot connect',
@ -416,23 +375,16 @@ export class WazuhApiCtrl {
400, 400,
reply reply
); );
} else if (wapi_config.error_code > 0) { } else if (api.error_code > 0) {
// Credentials not found // Credentials not found
return ErrorResponse('Credentials does not exists', 3008, 400, reply); return ErrorResponse('Credentials does not exists', 3008, 400, reply);
} }
const response = await needle( const response = await needle(
'get', 'get',
`${wapi_config.url}:${wapi_config.port}/rules/pci`, `${api.url}:${api.port}/rules/pci`,
{}, {},
{ ApiHelper.buildOptionsObject(api)
headers: {
'wazuh-app-version': packageInfo.version
},
username: wapi_config.user,
password: wapi_config.password,
rejectUnauthorized: !wapi_config.insecure
}
); );
if (response.body.data && response.body.data.items) { if (response.body.data && response.body.data.items) {
@ -483,23 +435,16 @@ export class WazuhApiCtrl {
if (!req.headers.id) { if (!req.headers.id) {
return reply(gdprRequirementsFile); return reply(gdprRequirementsFile);
} }
const wapi_config = await this.wzWrapper.getWazuhConfigurationById( const api = await this.wzWrapper.getWazuhConfigurationById(
req.headers.id req.headers.id
); );
// Checking for GDPR // Checking for GDPR
const version = await needle( const version = await needle(
'get', 'get',
`${wapi_config.url}:${wapi_config.port}/version`, `${api.url}:${api.port}/version`,
{}, {},
{ ApiHelper.buildOptionsObject(api)
headers: {
'wazuh-app-version': packageInfo.version
},
username: wapi_config.user,
password: wapi_config.password,
rejectUnauthorized: !wapi_config.insecure
}
); );
const number = version.body.data; const number = version.body.data;
@ -521,7 +466,7 @@ export class WazuhApiCtrl {
return reply({}); return reply({});
} }
if (wapi_config.error_code > 1) { if (api.error_code > 1) {
// Can not connect to elasticsearch // Can not connect to elasticsearch
return ErrorResponse( return ErrorResponse(
'Elasticsearch unexpected error or cannot connect', 'Elasticsearch unexpected error or cannot connect',
@ -529,23 +474,16 @@ export class WazuhApiCtrl {
400, 400,
reply reply
); );
} else if (wapi_config.error_code > 0) { } else if (api.error_code > 0) {
// Credentials not found // Credentials not found
return ErrorResponse('Credentials does not exists', 3025, 400, reply); return ErrorResponse('Credentials does not exists', 3025, 400, reply);
} }
const response = await needle( const response = await needle(
'get', 'get',
`${wapi_config.url}:${wapi_config.port}/rules/gdpr`, `${api.url}:${api.port}/rules/gdpr`,
{}, {},
{ ApiHelper.buildOptionsObject(api)
headers: {
'wazuh-app-version': packageInfo.version
},
username: wapi_config.user,
password: wapi_config.password,
rejectUnauthorized: !wapi_config.insecure
}
); );
if (response.body.data && response.body.data.items) { if (response.body.data && response.body.data.items) {
@ -593,9 +531,9 @@ export class WazuhApiCtrl {
*/ */
async makeRequest(method, path, data, id, reply) { async makeRequest(method, path, data, id, reply) {
try { try {
const wapi_config = await this.wzWrapper.getWazuhConfigurationById(id); const api = await this.wzWrapper.getWazuhConfigurationById(id);
if (wapi_config.error_code > 1) { if (api.error_code > 1) {
//Can not connect to elasticsearch //Can not connect to elasticsearch
return ErrorResponse( return ErrorResponse(
'Could not connect with elasticsearch', 'Could not connect with elasticsearch',
@ -603,7 +541,7 @@ export class WazuhApiCtrl {
404, 404,
reply reply
); );
} else if (wapi_config.error_code > 0) { } else if (api.error_code > 0) {
//Credentials not found //Credentials not found
return ErrorResponse('Credentials does not exists', 3012, 404, reply); return ErrorResponse('Credentials does not exists', 3012, 404, reply);
} }
@ -612,16 +550,9 @@ export class WazuhApiCtrl {
data = {}; data = {};
} }
const options = { const options = ApiHelper.buildOptionsObject(api);
headers: {
'wazuh-app-version': packageInfo.version
},
username: wapi_config.user,
password: wapi_config.password,
rejectUnauthorized: !wapi_config.insecure
};
const fullUrl = getPath(wapi_config) + path; const fullUrl = getPath(api) + path;
const response = await needle(method, fullUrl, data, options); const response = await needle(method, fullUrl, data, options);
if ( if (
@ -659,12 +590,12 @@ export class WazuhApiCtrl {
*/ */
async makeGenericRequest(method, path, data, id) { async makeGenericRequest(method, path, data, id) {
try { try {
const wapi_config = await this.wzWrapper.getWazuhConfigurationById(id); const api = await this.wzWrapper.getWazuhConfigurationById(id);
if (wapi_config.error_code > 1) { if (api.error_code > 1) {
//Can not connect to elasticsearch //Can not connect to elasticsearch
throw new Error('Could not connect with elasticsearch'); throw new Error('Could not connect with elasticsearch');
} else if (wapi_config.error_code > 0) { } else if (api.error_code > 0) {
//Credentials not found //Credentials not found
throw new Error('Credentials does not exists'); throw new Error('Credentials does not exists');
} }
@ -673,16 +604,9 @@ export class WazuhApiCtrl {
data = {}; data = {};
} }
const options = { const options = ApiHelper.buildOptionsObject(api);
headers: {
'wazuh-app-version': packageInfo.version
},
username: wapi_config.user,
password: wapi_config.password,
rejectUnauthorized: !wapi_config.insecure
};
const fullUrl = getPath(wapi_config) + path; const fullUrl = getPath(api) + path;
const response = await needle(method, fullUrl, data, options); const response = await needle(method, fullUrl, data, options);
if ( if (
@ -819,14 +743,7 @@ export class WazuhApiCtrl {
} }
} }
const cred = { const cred = ApiHelper.buildOptionsObject(config);
headers: {
'wazuh-app-version': packageInfo.version
},
username: config.user,
password: config.password,
rejectUnauthorized: !config.insecure
};
const itemsArray = []; const itemsArray = [];
const output = await needle( const output = await needle(
@ -918,14 +835,7 @@ export class WazuhApiCtrl {
req.params.api req.params.api
); );
const headers = { const headers = ApiHelper.buildOptionsObject(config);
headers: {
'wazuh-app-version': packageInfo.version
},
username: config.user,
password: config.password,
rejectUnauthorized: !config.insecure
};
const distinctUrl = `${config.url}:${config.port}/agents/stats/distinct`; const distinctUrl = `${config.url}:${config.port}/agents/stats/distinct`;