valitydev/wazuh-kibana-app
14
0
Fork 0
mirror of https://github.com/valitydev/wazuh-kibana-app.git synced 2024-11-06 01:45:18 +00:00
Code Issues Actions Packages Projects Releases Wiki Activity

Merge tag 'v3.13.1-7.8.0' into 3.13-7.8

Browse Source
This commit is contained in:
Jose Sanchez 2020-09-21 11:23:04 +02:00
commit 69b683538a
8 changed files with 175 additions and 98 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
public/components/common/welcome/agents-welcome.js
View File

@ -191,7 +191,11 @@ export class AgentsWelcome extends Component {
}
showModuleByPlatform(menu) {
return !this.platform ? false : !UnsupportedComponents[this.platform].includes(menu.id);
try {
return !this.platform ? false : !UnsupportedComponents[this.platform].includes(menu.id);
} catch (error) {
return !UnsupportedComponents['other'].includes(menu.id);
}
}
renderModules() {

14
public/components/common/welcome/components/requirement_vis/components/requitement_body/lib/get_requirement_alerts.ts
View File

@ -15,6 +15,7 @@
import { IFilterParams, getElasticAlerts, getIndexPattern } from '../../../../../../../overview/mitre/lib';
import { getWazuhFilter } from '../../../../fim_events_table';
import { buildPhraseFilter, buildExistsFilter } from '../../../../../../../../../../../src/plugins/data/common';
import { toastNotifications } from 'ui/notify';
export async function getRequirementAlerts(agentId, time, requirement) {
const indexPattern = await getIndexPattern();
@ -37,8 +38,17 @@ export async function getRequirementAlerts(agentId, time, requirement) {
}
const response = await getElasticAlerts(indexPattern, filterParams, aggs);
const alerts_count = ((((response || {}).data || {}).aggregations || {}).alerts_count || {}).buckets;
if (typeof alerts_count === 'undefined') {
toastNotifications.add({
color: 'warning',
title: 'Error getting alerts from compliances',
text: "Your environment may not have any index with Wazuh's alerts."
})
}
return {
alerts_count: ((((response || {}).data || {}).aggregations || {}).alerts_count || {}).buckets,
alerts_count: !!alerts_count ? alerts_count : [],
total_alerts: (((response || {}).data || {}).hits || {}).total
};
}
@ -62,4 +72,4 @@ function createFilters(agentId, indexPattern) {
function createExistsFilter(requirement, indexPattern) {
return buildExistsFilter({ name: `rule.${requirement}`, type: 'nested' }, indexPattern)
}
}

21
public/controllers/agent/agents-preview.js
View File

@ -111,8 +111,7 @@ export class AgentsPreviewController {
hasAgents: this.hasAgents,
reload: () => this.$route.reload(),
getWazuhVersion: () => this.getWazuhVersion(),
getCurrentApiAddress: () => this.getCurrentApiAddress(),
needsPassword: () => this.needsPassword()
getCurrentApiAddress: () => this.getCurrentApiAddress()
};
this.hasAgents = true;
this.init = false;
@ -249,24 +248,6 @@ export class AgentsPreviewController {
);
}
/**
* Returns if the password is neccesary to register a new agent
*/
async needsPassword() {
try {
const result = await this.apiReq.request(
'GET',
'/agents/000/config/auth/auth',
{}
);
const auth = ((result.data || {}).data || {}).auth || {};
const usePassword = auth.use_password === 'yes';
return usePassword;
} catch (error) {
return false;
}
}
/**
* Returns the current API address
*/

216
public/controllers/agent/components/register-agent.js
View File

@ -11,7 +11,7 @@
*/
import React, { Component, Fragment } from 'react';
import { version } from '../../../../package.json';
import { WazuhConfig } from '../../../react-services/wazuh-config';
import {
EuiSteps,
EuiFlexGroup,
@ -22,46 +22,95 @@ import {
EuiText,
EuiCodeBlock,
EuiTitle,
EuiButtonIcon,
EuiButton,
EuiButtonEmpty,
EuiCopy,
EuiPage,
EuiPageBody,
EuiCallOut,
EuiSpacer
EuiSpacer,
EuiProgress
} from '@elastic/eui';
import PropTypes from 'prop-types';
import { WzRequest } from '../../../react-services/wz-request';
export class RegisterAgent extends Component {
constructor(props) {
super(props);
this.wazuhConfig = new WazuhConfig();
this.configuration = this.wazuhConfig.getConfig();
this.state = {
status: 'incomplete',
selectedOS: '',
serverAddress: '',
wazuhPassword: ''
wazuhPassword: '',
tcpProtocol: false
};
}
async componentDidMount() {
try {
this.setState({ loading: true });
const wazuhVersion = await this.props.getWazuhVersion();
const apiAddress = await this.props.getCurrentApiAddress();
const needsPassword = await this.props.needsPassword();
let serverAddress = false;
let wazuhPassword = '';
let hidePasswordInput = false;
serverAddress = this.configuration["enrollment.dns"] || false;
if (!serverAddress) {
serverAddress = await this.props.getCurrentApiAddress();
}
let authInfo = await this.getAuthInfo();
const needsPassword = (authInfo.auth || {}).use_password === 'yes';
if (needsPassword) {
wazuhPassword = authInfo['authd.pass'] || '';
if (wazuhPassword) {
hidePasswordInput = true;
}
}
const tcpProtocol = await this.getRemoteInfo();
this.setState({
serverAddress: apiAddress,
needsPassword: needsPassword,
wazuhVersion: wazuhVersion
serverAddress,
needsPassword,
hidePasswordInput,
wazuhPassword,
tcpProtocol,
wazuhVersion,
loading: false
});
} catch (error) {
this.setState({
wazuhVersion: version
wazuhVersion: version,
loading: false
});
}
}
async getAuthInfo() {
try {
const result = await WzRequest.apiReq(
'GET',
'/agents/000/config/auth/auth',
{}
);
return (result.data || {}).data || {};
} catch (error) {
return false;
}
}
async getRemoteInfo() {
try {
const result = await WzRequest.apiReq(
'GET',
'/agents/000/config/request/remote',
{}
);
const remote = ((result.data || {}).data || {}).remote || {};
return (remote[0] || {}).protocol !== 'udp';
} catch (error) {
return false;
}
}
selectOS(os) {
this.setState({ selectedOS: os });
}
@ -79,11 +128,23 @@ export class RegisterAgent extends Component {
* @param {Array} steps
*/
cleanSteps(steps) {
if (this.state.needsPassword) return steps;
steps.splice(2, 1);
if (!this.state.needsPassword || this.state.hidePasswordInput)
steps.splice(2, 1);
return steps;
}
obfuscatePassword(text) {
let obfuscate = '';
const regex = /WAZUH_REGISTRATION_PASSWORD=?\040?\'(.*?)\'/gm;
const match = regex.exec(text);
const password = match[1];
if (password) {
[...password].forEach(() => obfuscate += '*')
text = text.replace(password, obfuscate);
}
return text;
}
render() {
const rpmButton = (
<EuiButtonToggle
@ -133,82 +194,92 @@ export class RegisterAgent extends Component {
/>
);
const copyButton = {
position: 'relative',
float: 'right',
zIndex: '1000',
right: '8px',
top: '16px'
};
const codeBlock = {
zIndex: '100'
};
const customTexts = {
rpmText: `sudo WAZUH_MANAGER='${this.state.serverAddress}'${
this.state.needsPassword
? ` WAZUH_REGISTRATION_PASSWORD='${this.state.wazuhPassword}' `
: ' '
}yum install https://packages.wazuh.com/3.x/yum/wazuh-agent-${
? ` WAZUH_REGISTRATION_PASSWORD='${this.state.wazuhPassword}'`
: ''
}${
this.state.tcpProtocol
? " WAZUH_PROTOCOL='TCP'"
: ''
} yum install https://packages.wazuh.com/3.x/yum/wazuh-agent-${
this.state.wazuhVersion
}-1.x86_64.rpm`,
}-1.x86_64.rpm`,
debText: `curl -so wazuh-agent.deb https://packages.wazuh.com/3.x/apt/pool/main/w/wazuh-agent/wazuh-agent_${
this.state.wazuhVersion
}-1_amd64.deb && sudo WAZUH_MANAGER='${this.state.serverAddress}'${
}-1_amd64.deb && sudo WAZUH_MANAGER='${this.state.serverAddress}'${
this.state.needsPassword
? ` WAZUH_REGISTRATION_PASSWORD='${this.state.wazuhPassword}' `
: ' '
}dpkg -i ./wazuh-agent.deb`,
? ` WAZUH_REGISTRATION_PASSWORD='${this.state.wazuhPassword}'`
: ''
}${
this.state.tcpProtocol
? " WAZUH_PROTOCOL='TCP'"
: ''
} dpkg -i ./wazuh-agent.deb`,
macosText: `curl -so wazuh-agent.pkg https://packages.wazuh.com/3.x/osx/wazuh-agent-${
this.state.wazuhVersion
}-1.pkg && sudo launchctl setenv WAZUH_MANAGER '${
}-1.pkg && sudo launchctl setenv WAZUH_MANAGER '${
this.state.serverAddress
}'${
}'${
this.state.needsPassword
? ` WAZUH_REGISTRATION_PASSWORD '${this.state.wazuhPassword}' `
: ' '
}&& sudo installer -pkg ./wazuh-agent.pkg -target /`,
? ` WAZUH_REGISTRATION_PASSWORD '${this.state.wazuhPassword}'`
: ''
}${
this.state.tcpProtocol
? " WAZUH_PROTOCOL 'TCP'"
: ''
} && sudo installer -pkg ./wazuh-agent.pkg -target /`,
winText: `Invoke-WebRequest -Uri https://packages.wazuh.com/3.x/windows/wazuh-agent-${
this.state.wazuhVersion
}-1.msi -OutFile wazuh-agent.msi; ./wazuh-agent.msi /q WAZUH_MANAGER='${
}-1.msi -OutFile wazuh-agent.msi; ./wazuh-agent.msi /q WAZUH_MANAGER='${
this.state.serverAddress
}' WAZUH_REGISTRATION_SERVER='${this.state.serverAddress}'${
}' WAZUH_REGISTRATION_SERVER='${this.state.serverAddress}'${
this.state.needsPassword
? ` WAZUH_REGISTRATION_PASSWORD='${this.state.wazuhPassword}' `
: ' '
}`
? ` WAZUH_REGISTRATION_PASSWORD='${this.state.wazuhPassword}'`
: ''
}${
this.state.tcpProtocol
? " WAZUH_PROTOCOL='TCP'"
: ''
}`
};
const field = `${this.state.selectedOS}Text`;
const text = customTexts[field];
const language = this.state.selectedOS === 'win' ? 'ps' : 'bash';
const windowsAdvice = this.state.selectedOS === 'win' && (
<EuiCallOut
size="s"
title="You will need administrator privileges to perform this installation."
iconType="iInCircle"
/>
<>
<EuiCallOut
title="You will need administrator privileges to perform this installation."
iconType="iInCircle"
/>
<EuiSpacer></EuiSpacer>
</>
);
const guide = (
<div>
{this.state.selectedOS && (
<EuiText>
<div style={copyButton}>
<EuiCopy textToCopy={text}>
{copy => (
<EuiButtonIcon
onClick={copy}
iconType="copy"
aria-label="Copy"
/>
)}
</EuiCopy>
</div>
<p>You can use this command to install and enroll the Wazuh agent in one or more host.</p>
<EuiCodeBlock style={codeBlock} language={language}>
{text}
{this.state.wazuhPassword ? this.obfuscatePassword(text) : text}
</EuiCodeBlock>
{windowsAdvice}
<EuiCopy textToCopy={text}>
{copy => (
<EuiButton
fill
iconType="copy"
onClick={copy}>
Copy command
</EuiButton>
)}
</EuiCopy>
</EuiText>
)}
</div>
@ -216,7 +287,7 @@ export class RegisterAgent extends Component {
const steps = [
{
title: 'Choose your OS',
title: 'Choose OS',
children: (
<Fragment>
{rpmButton} {debButton} {windowsButton} {macOSButton}
@ -232,7 +303,7 @@ export class RegisterAgent extends Component {
children: <Fragment>{passwordInput}</Fragment>
},
{
title: 'Complete the installation',
title: 'Install and enroll the agent',
children: (
<div>
<Fragment>
@ -278,9 +349,19 @@ export class RegisterAgent extends Component {
</EuiFlexItem>
</EuiFlexGroup>
<EuiSpacer></EuiSpacer>
<EuiFlexItem>
<EuiSteps steps={this.cleanSteps(steps)} />
</EuiFlexItem>
{this.state.loading && (
<>
<EuiFlexItem>
<EuiProgress size="xs" color="primary" />
</EuiFlexItem>
<EuiSpacer></EuiSpacer>
</>
)}
{!this.state.loading && (
<EuiFlexItem>
<EuiSteps steps={this.cleanSteps(steps)} />
</EuiFlexItem>
)}
</EuiPanel>
</EuiFlexItem>
</EuiFlexGroup>
@ -289,11 +370,4 @@ export class RegisterAgent extends Component {
</div>
);
}
}
RegisterAgent.propTypes = {
addNewAgent: PropTypes.func,
getWazuhVersion: PropTypes.func,
getCurrentApiAddress: PropTypes.func,
needsPassword: PropTypes.func
};
}

3
public/services/resolves/get-config.js
View File

@ -45,7 +45,8 @@ export async function getWzConfig($q, genericReq, wazuhConfig) {
'wazuh.monitoring.pattern': 'wazuh-monitoring-3.x-*',
admin: true,
hideManagerAlerts: false,
'logs.level': 'info'
'logs.level': 'info',
'enrollment.dns': ''
};
try {

2
public/services/resolves/settings-wizard.js
View File

@ -214,12 +214,12 @@ export function settingsWizard(
'Wazuh App: Default API has been updated.',
defaultApi
);
$location.path('health-check');
} else {
setUpCredentials(
'Wazuh App: Please set up Wazuh API credentials.'
);
}
$location.path('health-check');
deferred.resolve();
})
.catch(error => {

4
public/utils/config-equivalences.js
View File

@ -52,5 +52,7 @@ export const configEquivalences = {
hideManagerAlerts:
'Hide the alerts of the manager in all dashboards and discover',
'logs.level':
'Set the app logging level, allowed values are info and debug. Default is info.'
'Set the app logging level, allowed values are info and debug. Default is info.',
'enrollment.dns':
'Set the Wazuh server address in the agent deployment.',
};

7
server/lib/initial-wazuh-config.js
View File

@ -75,7 +75,7 @@ export const initialWazuhConfig = `---
#
# Defines if the user is allowed to change the selected
# API directly from the Wazuh app top menu.
# Default: truepi
# Default: true
#api.selector: true
#
# --------------------------- Index pattern selector ---------------------------
@ -133,6 +133,11 @@ export const initialWazuhConfig = `---
# Allowed values: info, debug
#logs.level: info
#
# -------------------------------- Enrollment DNS -------------------------------
# Set the variable WAZUH_REGISTRATION_SERVER in agents deployment.
# Default value: ''
#enrollment.dns: ''
#
#-------------------------------- API entries -----------------------------------
#The following configuration is the default structure to define an API entry.
#