Wazuh Kibana App
Wazuh is a security detection, visibility, and compliance open source project. It was born as a fork of OSSEC HIDS and was later integrated with Elastic Stack and OpenSCAP, evolving into a more comprehensive solution. You can read more at https://wazuh.com/
Description
Visualize and analyze Wazuh alerts stored in Elasticsearch using our Kibana app plugin.
- Obtain statistics per agent, search alerts and filter by using the different visualizations.
- View the Wazuh manager configuration.
- File integrity monitoring.
Documentation
Branches
- The stable branch corresponds to the latest stable version of the Wazuh app.
- The master branch contains the latest code; be aware of possible bugs on this branch.
Requisites
- Wazuh HIDS 3.12.0
- Wazuh RESTful API 3.12.0
- Kibana 6.8.7
- Elasticsearch 6.8.7
Installation
Install the app
cd /usr/share/kibana
sudo -u kibana bin/kibana-plugin install https://packages.wazuh.com/wazuhapp/wazuhapp-3.12.0_6.8.7.zip
Restart Kibana
- Systemd:
systemctl restart kibana
- SysV Init:
service kibana restart
Upgrade
Note: In Wazuh 3.12.0 (regardless of the Elastic Stack version) the location of wazuh.yml has been moved from /usr/share/kibana/plugins/wazuh/wazuh.yml to /usr/share/kibana/optimize/wazuh/config/wazuh.yml.
Stop Kibana
- Systemd:
systemctl stop kibana
- SysV Init:
service kibana stop
Copy the wazuh.yml to its new location. (Only needed for upgrades from 3.11.x to 3.12.y)
mkdir -p /usr/share/kibana/optimize/wazuh/config
cp /usr/share/kibana/plugins/wazuh/wazuh.yml /usr/share/kibana/optimize/wazuh/config/wazuh.yml
Remove the app using the kibana-plugin tool
cd /usr/share/kibana/
sudo -u kibana bin/kibana-plugin remove wazuh
Remove generated bundles
rm -rf /usr/share/kibana/optimize/bundles
Update file permissions. This will avoid several errors prior to updating the app:
chown -R kibana:kibana /usr/share/kibana/optimize
chown -R kibana:kibana /usr/share/kibana/plugins
Install the app
cd /usr/share/kibana/
sudo -u kibana bin/kibana-plugin install https://packages.wazuh.com/wazuhapp/wazuhapp-3.12.0_6.8.7.zip
Update configuration file permissions.
sudo chown kibana:kibana /usr/share/kibana/optimize/wazuh/config/wazuh.yml
sudo chmod 600 /usr/share/kibana/optimize/wazuh/config/wazuh.yml
Restart Kibana
- Systemd:
systemctl restart kibana
- SysV Init:
service kibana restart
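A check to run after the upgrade steps above, confirming that wazuh.yml ended up owned by kibana:kibana with mode 600. This is an added example, not part of the Wazuh project's own scripts; the function name check_config_perms is hypothetical and GNU stat (Linux) is assumed.

```shell
#!/bin/sh
# Added example: verify ownership and mode of the Wazuh app configuration
# file after the upgrade. check_config_perms is a hypothetical helper name.
# Assumes GNU stat (Linux), which supports the -c format option.

# check_config_perms FILE OWNER:GROUP
# Returns 0 only if FILE is a regular file (not a symlink), is owned by
# OWNER:GROUP and has mode 600. Prints one line per problem found.
check_config_perms() {
    file=$1
    want_owner=$2
    rc=0

    # A symlink could redirect the service to a file with other permissions.
    if [ -L "$file" ]; then
        echo "FAIL: $file is a symlink; check what it points to"
        return 1
    fi
    if [ ! -f "$file" ]; then
        echo "FAIL: $file does not exist or is not a regular file"
        return 1
    fi

    owner=$(stat -c '%U:%G' "$file")
    mode=$(stat -c '%a' "$file")

    if [ "$owner" != "$want_owner" ]; then
        echo "FAIL: $file owner is $owner, expected $want_owner"
        rc=1
    fi
    if [ "$mode" != "600" ]; then
        echo "FAIL: $file mode is $mode, expected 600"
        rc=1
    fi
    if [ "$rc" -eq 0 ]; then
        echo "OK: $file is $owner with mode $mode"
    fi
    return "$rc"
}

# Usage, with the path and owner from the steps above:
#   check_config_perms /usr/share/kibana/optimize/wazuh/config/wazuh.yml kibana:kibana
```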
Wazuh - Kibana compatibility matrix
Contribute
If you want to contribute to our project, please don't hesitate to send a pull request. You can also join our users mailing list by sending an email to wazuh+subscribe@googlegroups.com to ask questions and participate in discussions.
Software and libraries used
- https://elastic.co
- https://material.angularjs.org
- https://angularjs.org
- https://nodejs.org
- https://npmjs.com
Copyright & License
Copyright © 2020 Wazuh, Inc.
This program is free software; you can redistribute it and/or modify it under the terms of the GNU General Public License as published by the Free Software Foundation; either version 2 of the License, or (at your option) any later version.
Find more information about this in the LICENSE file.