Wazuh Kibana App
Wazuh is an open source project for security detection, visibility, and compliance. It was born as a fork of OSSEC HIDS and was later integrated with Elastic Stack and OpenSCAP, evolving into a more comprehensive solution. You can read more at https://wazuh.com/
Description
Visualize and analyze Wazuh alerts stored in Elasticsearch using our Kibana app plugin.
- Obtain statistics per agent, search alerts and filter by using the different visualizations.
- View the Wazuh manager configuration.
- File integrity monitoring.
Documentation
Branches
- The stable branch corresponds to the last Wazuh app stable version.
- The master branch contains the latest code; be aware of possible bugs on this branch.
Requisites
- Wazuh HIDS 3.10.2
- Wazuh RESTful API 3.10.2
- Kibana 7.3.2
- Elasticsearch 7.3.2
Installation
Install the app
- With sudo:
sudo -u kibana /usr/share/kibana/bin/kibana-plugin install https://packages.wazuh.com/wazuhapp/wazuhapp-3.10.2_7.3.2.zip
- Without sudo:
su -c '/usr/share/kibana/bin/kibana-plugin install https://packages.wazuh.com/wazuhapp/wazuhapp-3.10.2_7.3.2.zip' kibana
Restart Kibana
- Systemd:
systemctl restart kibana
- SysV Init:
service kibana restart
Upgrade
Stop Kibana
- Systemd:
systemctl stop kibana
- SysV Init:
service kibana stop
Remove the app using the kibana-plugin tool
/usr/share/kibana/bin/kibana-plugin remove wazuh
Remove generated bundles
rm -rf /usr/share/kibana/optimize/bundles
Update file permissions. This will avoid several errors prior to updating the app:
chown -R kibana:kibana /usr/share/kibana/optimize
chown -R kibana:kibana /usr/share/kibana/plugins
Install the app
- With sudo:
sudo -u kibana /usr/share/kibana/bin/kibana-plugin install https://packages.wazuh.com/wazuhapp/wazuhapp-3.10.2_7.3.2.zip
- Without sudo:
su -c '/usr/share/kibana/bin/kibana-plugin install https://packages.wazuh.com/wazuhapp/wazuhapp-3.10.2_7.3.2.zip' kibana
Restart Kibana
- Systemd:
systemctl restart kibana
- SysV Init:
service kibana restart
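The upgrade steps above as a dry-run planner that first checks the package against the installed Kibana version. This is an added example, not code from the Wazuh project; the function names are hypothetical, the Kibana version is supplied by the caller, and it assumes the package name follows `wazuhapp-<wazuh version>_<kibana version>.zip`, as the URL and the Requisites list suggest.

```shell
#!/bin/sh
# Added example (not Wazuh project code): dry-run planner for the upgrade steps.
# Assumption: package names follow wazuhapp-<wazuh>_<kibana>.zip.
KIBANA_HOME=/usr/share/kibana   # install path used in this README

# Print "<wazuh-version> <kibana-version>" parsed from a package URL.
pkg_versions() {
    name=${1##*/}                         # keep only the file name
    case $name in
        wazuhapp-*_*.zip) ;;
        *) return 1 ;;                    # not an app package name
    esac
    name=${name#wazuhapp-}
    name=${name%.zip}
    printf '%s %s\n' "${name%%_*}" "${name#*_}"
}

# Succeed only if the package targets exactly the installed Kibana version.
pkg_matches_kibana() {                    # $1 = package URL, $2 = Kibana version
    versions=$(pkg_versions "$1") || return 1
    [ "${versions#* }" = "$2" ]
}

# Print the upgrade commands in order; refuse on a version mismatch.
upgrade_plan() {                          # $1 = URL, $2 = Kibana version, $3 = systemd|sysv
    if ! pkg_matches_kibana "$1" "$2"; then
        echo "refusing: $1 does not target Kibana $2" >&2
        return 1
    fi
    case $3 in
        systemd) stop='systemctl stop kibana'; start='systemctl restart kibana' ;;
        sysv)    stop='service kibana stop';   start='service kibana restart' ;;
        *) return 2 ;;
    esac
    cat <<EOF
$stop
$KIBANA_HOME/bin/kibana-plugin remove wazuh
rm -rf $KIBANA_HOME/optimize/bundles
chown -R kibana:kibana $KIBANA_HOME/optimize
chown -R kibana:kibana $KIBANA_HOME/plugins
sudo -u kibana $KIBANA_HOME/bin/kibana-plugin install $1
$start
EOF
}

# Constructed invocation: the package from this README on a systemd host.
upgrade_plan https://packages.wazuh.com/wazuhapp/wazuhapp-3.10.2_7.3.2.zip 7.3.2 systemd
```

The planner only prints the commands, so the output can be reviewed before anything is run as root.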
Older packages
Contribute
If you want to contribute to our project, please don't hesitate to send a pull request. You can also join our users mailing list by sending an email to wazuh+subscribe@googlegroups.com, to ask questions and participate in discussions.
Software and libraries used
- https://elastic.co
- https://material.angularjs.org
- https://angularjs.org
- https://nodejs.org
- https://npmjs.com
Copyright & License
Copyright © 2019 Wazuh, Inc.
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
Find more information about this in the LICENSE file.