Migrate master to 2.17.1 #530

Merged on Nov 12, 2024 (120 commits)

Commits
f1988bb
Init wazuh-indexer (#3)
AlexRuiz7 Aug 3, 2023
7bd2ffa
Create codeql.yml
AlexRuiz7 Aug 3, 2023
22c9099
Update dependabot.yml
AlexRuiz7 Aug 3, 2023
6d25d21
Update SECURITY.md (#30)
AlexRuiz7 Sep 19, 2023
90e8a8d
Add ECS mappings generator (#36)
AlexRuiz7 Oct 9, 2023
a98539c
Add default query fields to vulnerability detector index (#40)
AlexRuiz7 Oct 20, 2023
1fe63cd
Create gradle_build.yml
AlexRuiz7 Oct 20, 2023
545dc8e
Update gradle_build.yml
AlexRuiz7 Oct 20, 2023
c95fceb
Add a script to configure the rollover policy (#49)
AlexRuiz7 Nov 2, 2023
1d809fd
Update ISM init script (#50)
AlexRuiz7 Nov 7, 2023
375cebf
Fix bug with -i option (#51)
AlexRuiz7 Nov 8, 2023
4650ed8
Update min_doc_count value (#52)
AlexRuiz7 Nov 14, 2023
845f66c
Improve ISM init script (#57)
AlexRuiz7 Nov 15, 2023
f37fd2c
Update distribution files (#59)
AlexRuiz7 Nov 22, 2023
fc75637
Update documentation of the ECS tooling (#67)
AlexRuiz7 Nov 28, 2023
0408901
Add workflow for package generation (#65)
AlexRuiz7 Nov 28, 2023
2e0701f
Add docker compose environment (#66)
AlexRuiz7 Nov 29, 2023
80561b1
Rename packages to wazuh-indexer (#69)
AlexRuiz7 Dec 5, 2023
803cef9
Update vulnerability index mappings (#75)
AlexRuiz7 Dec 7, 2023
4eb8d26
Update `indexer-ism-init.sh` (#81)
AlexRuiz7 Dec 18, 2023
b2548f9
Add workflow to assemble packages (#85)
AlexRuiz7 Dec 26, 2023
69ecbcf
Fix yellow cluster state (#95)
AlexRuiz7 Dec 27, 2023
237bf5f
Update ism-init script (#97)
AlexRuiz7 Jan 3, 2024
f784440
Add tools to assemble DEB packages (#96)
AlexRuiz7 Jan 4, 2024
9966cd7
Update README.md
AlexRuiz7 Jan 4, 2024
dd446d3
Build scripts and GH workflows artifacts naming fix (#112)
f-galland Jan 10, 2024
52994fb
Use short SHA as Git reference in packages naming (#100)
f-galland Jan 10, 2024
7dbfaa7
Remove unneeded files from assembled packages (#115)
f-galland Jan 12, 2024
b2ebe7e
Add missing tools and files back into Wazuh Indexer packages (#117)
f-galland Jan 12, 2024
ce1516c
Remove unneeded symbolic links from assembled packages (#121)
f-galland Jan 15, 2024
4535419
Update issue templates (#127)
AlexRuiz7 Jan 16, 2024
d949146
Fix RPM package references to /var/run (#119)
f-galland Jan 18, 2024
a7b6060
Removing post-install message from wazuh-indexer.rpm.spec (#131)
f-galland Jan 18, 2024
652f7a5
Add tests to the packages building process (#132)
AlexRuiz7 Jan 18, 2024
b2613ae
Get Wazuh version from VERSION file (#122)
f-galland Jan 19, 2024
94b6080
Removing /usr/share/lintian/overrides/wazuh-indexer from deb packages…
f-galland Jan 19, 2024
1d76d17
Add `wazuh-template.json` to packages (#116)
f-galland Jan 19, 2024
4ca1a5e
Adding Debian packaging config files from Opensearch (#118)
f-galland Jan 19, 2024
ee213a1
Fix Build workflow to run on push events (#134)
AlexRuiz7 Jan 19, 2024
13eeab3
Use maven for plugin download (#139)
f-galland Jan 22, 2024
cbc1148
Add new custom field to the vulnerability detector index (#141)
AlexRuiz7 Jan 25, 2024
d112fa8
Fine tuning permissions on assembled packages (#137)
f-galland Jan 30, 2024
928bb3c
Init. Amazon Security Lake integration (#143)
AlexRuiz7 Jan 31, 2024
5458143
Add events generator tool for `wazuh-alerts` (#152)
AlexRuiz7 Feb 15, 2024
1457755
Add `wazuh.manager.name` to VD mappings (#158)
AlexRuiz7 Feb 20, 2024
276a792
Create compatibility_request.md (#163)
AlexRuiz7 Feb 23, 2024
43518f5
Add Python module to accomplish OCSF compliant events (#159)
AlexRuiz7 Mar 4, 2024
a2b4dda
Update Gradle setup action (#182)
AlexRuiz7 Mar 7, 2024
0e0c976
Update vulnerability-states fields (#177)
AlexRuiz7 Mar 7, 2024
7e515cd
Automate package's testing (#178)
AlexRuiz7 Mar 8, 2024
7cbb552
Remove ecs.version from query.default_fields (#184)
AlexRuiz7 Mar 8, 2024
b9a8cbf
Upload packages to S3 (#179)
AlexRuiz7 Mar 8, 2024
22c6575
Add bash to Docker dev image (#185)
AlexRuiz7 Mar 15, 2024
e5ed129
Update wazuh-states-vulnerabilities index mapping (#191)
AlexRuiz7 Mar 26, 2024
cb53a3c
Add pipeline to generate release packages (#193)
AlexRuiz7 Mar 27, 2024
3fca243
Build Docker images (#194)
AlexRuiz7 Apr 4, 2024
86ea5c8
Add on.workflow_call to build_single.yml workflow (#200)
AlexRuiz7 Apr 9, 2024
2520d1d
Add Python module to implement Amazon Security Lake integration (#186)
AlexRuiz7 Apr 9, 2024
a9f2c6e
Replace choice with string on workflow_call (#207)
AlexRuiz7 Apr 18, 2024
7b0a99a
Use AWS_REGION secret (#209)
AlexRuiz7 Apr 24, 2024
be4dfc4
Add Lambda function for the Amazon Security Lake integration (#189)
AlexRuiz7 Apr 24, 2024
01c5b4f
Bump Java version in Docker environments (#210)
AlexRuiz7 Apr 26, 2024
4914e7b
Fix access denied error during log rotation (#212)
AlexRuiz7 Apr 26, 2024
9b6bdef
Save intermediate OCSF files to an S3 bucket (#218)
AlexRuiz7 Apr 26, 2024
1d7eb08
Fix Parquet files format (#217)
AlexRuiz7 Apr 26, 2024
df6459e
Fix mapping to Detection Finding OCSF class (#220)
AlexRuiz7 Apr 29, 2024
4e9866e
Map events to OCSF's Security Finding class (#221)
AlexRuiz7 Apr 30, 2024
5b5ee35
Add ID input to workflows (#229)
rauldpm May 17, 2024
8a60fb8
Add OPENSEARCH_TMPDIR variable to service and create directory in pac…
f-galland May 21, 2024
6ff15d8
Improve workflow's run-name with target system and architecture (#237)
AlexRuiz7 May 28, 2024
2275af0
Add documentation for the Amazon Security Lake integration (#226)
AlexRuiz7 May 28, 2024
f28f2df
Rename environment variable (#240)
AlexRuiz7 May 28, 2024
3a122ad
Remove maintainer-approval.yml (#241)
AlexRuiz7 May 28, 2024
a63c4f6
Improve logging and error handling on ASL Lambda function (#242)
AlexRuiz7 May 29, 2024
ac42a77
Update .gitattributes (#243)
AlexRuiz7 May 29, 2024
0376769
Change . for : in debian's postinst (#245)
f-galland May 31, 2024
590b232
Add integration with Elastic (#248)
AlexRuiz7 Jun 5, 2024
1e29c2e
Added S3 URI output to package generation upload (#249)
rauldpm Jun 7, 2024
a41de35
Add OpenSearch integration (#258)
f-galland Jun 7, 2024
4d12433
Add Splunk integration (#257)
AlexRuiz7 Jun 11, 2024
27fc414
Add Manager to Elastic integration (#266)
AlexRuiz7 Jun 12, 2024
025677d
Add Manager to Splunk integration (#268)
AlexRuiz7 Jun 14, 2024
24de636
Add Manager to OpenSearch integration (#267)
AlexRuiz7 Jun 14, 2024
41ce286
Attempt nr.2 to fix #277 (#280)
AlexRuiz7 Jun 25, 2024
6bb76f1
Remove references to indexer-ism-init.sh and wazuh-template.json (#281)
f-galland Jun 25, 2024
3a767f4
Bump 4.10.0 (#272)
AlexRuiz7 Jun 20, 2024
4f6f7ad
Merge 4.9.1 into 4.10.0 (#358)
AlexRuiz7 Aug 20, 2024
3f4c7ef
Create branch 5.0.0 (#154)
AlexRuiz7 Feb 14, 2024
a266cb3
Update `build` workflow to build indexer plugins (#360)
AlexRuiz7 Aug 28, 2024
5166e4d
Add tooling to generate the agents index template (#370)
AlexRuiz7 Sep 4, 2024
1359017
Merge 4.10.0 into master (#379)
AlexRuiz7 Sep 6, 2024
5801d5d
Remove `alerts.json` references and manager integrations (#385)
f-galland Sep 9, 2024
5568db5
Fix build.gradle (#381) (#384)
AlexRuiz7 Sep 9, 2024
6229e63
Add issue template for Indexer-Dashboard packages testing (#393)
AlexRuiz7 Sep 12, 2024
b26070a
Add stateless index template definition (#395)
AlexRuiz7 Sep 12, 2024
cd6e61e
Add states-inventory-packages index template definition (#399)
f-galland Sep 12, 2024
5341db9
Add states-inventory-processes index template definition (#401)
f-galland Sep 12, 2024
e1bf7ab
Add states-inventory-system index template definition (#403)
f-galland Sep 13, 2024
071c1f1
Add states-vulnerabilities index template definition (#405)
f-galland Sep 13, 2024
09bc22a
Add states-fim index template definition (#397)
f-galland Sep 13, 2024
0cfdc08
Include Command Manager plugin to the build workflow (#408)
AlexRuiz7 Sep 16, 2024
ba67bd8
Add commands index template definition (#413)
AlexRuiz7 Sep 19, 2024
ad8b746
Build & Assemble reporting plugin (#431)
AlexRuiz7 Sep 25, 2024
f90165e
Add events generator for the Commands Manager plugin (#433)
AlexRuiz7 Sep 27, 2024
c032106
Update commands index definition (#437)
AlexRuiz7 Oct 1, 2024
50cb24e
Update commands index data model (#453)
AlexRuiz7 Oct 11, 2024
e0fc22f
Merge 4.10.2 into master (#475)
AlexRuiz7 Oct 18, 2024
23c7072
Fix tar packages plugin bundling (#466)
f-galland Oct 18, 2024
3a0d45b
Implement Vagrantfile for generic testing environment (#474)
QU3B1M Oct 18, 2024
9a31190
Fix pre-start.sh script for Vagrant environment (#479)
QU3B1M Oct 21, 2024
1d07277
Apply states-vulnerabilities index pattern fix (#483)
AlexRuiz7 Oct 22, 2024
f2361de
Fix template-settings fields (#490)
QU3B1M Oct 23, 2024
e974a05
Update packages destination to 5.x S3 bucket (#495)
QU3B1M Oct 25, 2024
1eea197
Delete compatibility setting in opeansearch.prod.yml (#504)
mcasas993 Oct 29, 2024
1dac3e8
Save plugins and reporting repo hashes on workflow variable and updat…
QU3B1M Oct 31, 2024
3b2cfc6
Merge 4.10.2 into master (#514)
AlexRuiz7 Nov 5, 2024
eb922a2
Add bash scripts for MVP validation tests (#482)
QU3B1M Nov 5, 2024
2a9f100
Create feature_template.md
AlexRuiz7 Nov 6, 2024
7b62ca5
Upgrade third-party integrations to latest versions available (#519)
QU3B1M Nov 6, 2024
b7ab43c
Update CI workflow (#529)
AlexRuiz7 Nov 8, 2024
9 changes: 9 additions & 0 deletions .gitattributes
Expand Up @@ -11,3 +11,12 @@
*.crt binary
*.p12 binary
*.txt text=auto

# Image
*.ai filter=lfs diff=lfs merge=lfs -text
*.gif filter=lfs diff=lfs merge=lfs -text
*.jpg filter=lfs diff=lfs merge=lfs -text
*.jpeg filter=lfs diff=lfs merge=lfs -text
*.png filter=lfs diff=lfs merge=lfs -text
*.psd filter=lfs diff=lfs merge=lfs -text
*.tga filter=lfs diff=lfs merge=lfs -text
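Review bot: The new `# Image` block lists only lower-case extensions (`*.png`, `*.jpg`, ...), and gitattributes patterns match case-sensitively unless `core.ignorecase` is set, so a file committed as `logo.PNG` would bypass LFS and land in the regular object store. Consider bracket patterns such as `*.[pP][nN][gG]`, or a CI check that rejects image blobs not stored as LFS pointers. It is also worth confirming that every workflow that checks out this repository fetches LFS objects, since these paths otherwise arrive as pointer files.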
26 changes: 1 addition & 25 deletions .github/CODEOWNERS
Expand Up @@ -10,28 +10,4 @@
# 2. Go to a file
# 3. Use the command palette to run the CODEOWNERS: Show owners of current file command, which will display all code owners for the current file.

# Default ownership for all repo files
* @anasalkouz @andrross @ashking94 @Bukhtawar @CEHENKLE @dblock @dbwiddis @gbbafna @jainankitk @kotwanikunal @linuxpi @mch2 @msfroh @nknize @owaiskazi19 @reta @Rishikesh1159 @sachinpkale @saratvemulapalli @shwetathareja @sohami @VachaShah

/modules/lang-painless/ @anasalkouz @andrross @ashking94 @Bukhtawar @CEHENKLE @dblock @dbwiddis @gbbafna @jed326 @kotwanikunal @mch2 @msfroh @nknize @owaiskazi19 @reta @Rishikesh1159 @sachinpkale @saratvemulapalli @shwetathareja @sohami @VachaShah
/modules/parent-join/ @anasalkouz @andrross @ashking94 @Bukhtawar @CEHENKLE @dblock @dbwiddis @gbbafna @jed326 @kotwanikunal @mch2 @msfroh @nknize @owaiskazi19 @reta @Rishikesh1159 @sachinpkale @saratvemulapalli @shwetathareja @sohami @VachaShah
/modules/transport-netty4/ @peternied

/plugins/identity-shiro/ @peternied

/server/src/internalClusterTest/java/org/opensearch/index/ @anasalkouz @andrross @ashking94 @Bukhtawar @CEHENKLE @dblock @dbwiddis @gbbafna @jed326 @kotwanikunal @mch2 @msfroh @nknize @owaiskazi19 @reta @Rishikesh1159 @sachinpkale @saratvemulapalli @shwetathareja @sohami @VachaShah
/server/src/internalClusterTest/java/org/opensearch/search/ @anasalkouz @andrross @ashking94 @Bukhtawar @CEHENKLE @dblock @dbwiddis @gbbafna @jed326 @kotwanikunal @mch2 @msfroh @nknize @owaiskazi19 @reta @Rishikesh1159 @sachinpkale @saratvemulapalli @shwetathareja @sohami @VachaShah

/server/src/main/java/org/opensearch/extensions/ @peternied
/server/src/main/java/org/opensearch/identity/ @peternied
/server/src/main/java/org/opensearch/index/ @anasalkouz @andrross @ashking94 @Bukhtawar @CEHENKLE @dblock @dbwiddis @gbbafna @jed326 @kotwanikunal @mch2 @msfroh @nknize @owaiskazi19 @reta @Rishikesh1159 @sachinpkale @saratvemulapalli @shwetathareja @sohami @VachaShah
/server/src/main/java/org/opensearch/search/ @anasalkouz @andrross @ashking94 @Bukhtawar @CEHENKLE @dblock @dbwiddis @gbbafna @jed326 @kotwanikunal @mch2 @msfroh @nknize @owaiskazi19 @reta @Rishikesh1159 @sachinpkale @saratvemulapalli @shwetathareja @sohami @VachaShah
/server/src/main/java/org/opensearch/threadpool/ @jed326 @peternied
/server/src/main/java/org/opensearch/transport/ @peternied

/server/src/test/java/org/opensearch/index/ @anasalkouz @andrross @ashking94 @Bukhtawar @CEHENKLE @dblock @dbwiddis @gbbafna @jed326 @kotwanikunal @mch2 @msfroh @nknize @owaiskazi19 @reta @Rishikesh1159 @sachinpkale @saratvemulapalli @shwetathareja @sohami @VachaShah
/server/src/test/java/org/opensearch/search/ @anasalkouz @andrross @ashking94 @Bukhtawar @CEHENKLE @dblock @dbwiddis @gbbafna @jed326 @kotwanikunal @mch2 @msfroh @nknize @owaiskazi19 @reta @Rishikesh1159 @sachinpkale @saratvemulapalli @shwetathareja @sohami @VachaShah

/.github/ @jed326 @peternied

/MAINTAINERS.md @anasalkouz @andrross @ashking94 @Bukhtawar @CEHENKLE @dblock @dbwiddis @gaobinlong @gbbafna @jed326 @kotwanikunal @mch2 @msfroh @nknize @owaiskazi19 @peternied @reta @Rishikesh1159 @sachinpkale @saratvemulapalli @shwetathareja @sohami @VachaShah
* @wazuh/devel-indexer
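Review bot: Collapsing every rule into `* @wazuh/devel-indexer` also removes the dedicated `/.github/` entry, so changes to workflows, issue templates and CODEOWNERS itself now get the same review requirement as any source file. If branch protection relies on code-owner review, consider keeping a narrower owner for `/.github/`, and confirm that the `@wazuh/devel-indexer` team has write access to the repository, since GitHub ignores owners that lack it.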
2 changes: 1 addition & 1 deletion .github/ISSUE_TEMPLATE/bug_template.md
Expand Up @@ -2,7 +2,7 @@
name: 🐛 Bug report
about: Create a report to help us improve
title: "[BUG]"
labels: 'bug, untriaged'
labels: ["type/bug", "level/task"]
assignees: ''
---
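Review bot: The `labels` change drops `untriaged`, and neither `type/bug` nor `level/task` marks a report as awaiting triage, so externally filed bugs can no longer be told apart from accepted work items by label. If triage is tracked by label, keep a triage label here. The array form `["type/bug", "level/task"]` also differs from the comma-separated `labels:` strings used in the templates added by this PR; pick one form.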

24 changes: 24 additions & 0 deletions .github/ISSUE_TEMPLATE/compatibility_request.md
@@ -0,0 +1,24 @@
---
name: Compatibility request
about: Suggest supporting a new version of OpenSearch
title: 'Compatibility with OpenSearch (version)'
labels: request/operational, level/task, type/research
assignees: ''

---

## Description
We need to ensure the compatibility with the next version of OpenSearch vX.X.
This update is still being discussed, but we need to be aware of potential issues.

For that, we need to:

- [ ] Review opensearch's release notes.
- [ ] Identify improvements and potential impact.
- [ ] Identify changes on upstream files (listed on https://github.com/wazuh/wazuh-indexer/issues/94)
- [ ] Create new development branch.
- [ ] Develop a testing environment to verify our components would work under this new build.
- [ ] Indexer-Dashboard compatibility testing (open issue using the [template](https://github.com/wazuh/wazuh-indexer/issues/new/choose)).

## Issues
- _List here the detected issues_
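Review bot: The version is written two ways, `(version)` in `title` and `vX.X` in the description, so one of them is easy to leave unfilled when the issue is opened; use a single placeholder form in both places. The checklist item on upstream files points at issue #94 for the list of files, which can change or be closed independently of this template; linking a file in the repository would keep the list versioned with the code.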
27 changes: 27 additions & 0 deletions .github/ISSUE_TEMPLATE/compatibility_test.md
@@ -0,0 +1,27 @@
---
name: Indexer-Dashboard compatibility testing with OpenSearch
about: Issue to perform internal testing of Indexer-Dashboard packages under a new version of OpenSearch
title: 'Indexer-Dashboard testing under OpenSearch (version)'
labels: request/operational, level/task, type/test
assignees: ''

---


## Description

We need to ensure our components work under the new version of OpenSearch. The goal of this issue is to test our packages, their lifecycle and the main correct communication of Indexer and Dashboard.

For that, we need to:

- [x] (Prerequisite) \<indexer-opensearch-compatibility-issue>
- [x] (Prerequisite) \<dashboard-opensearch-compatibility-issue>
- [ ] Verify the packages installs
- [ ] Verify the package upgrades: \<from-version> ⇾ \<to-version>
- [ ] Indexer-Dashboard communication works


Tests must be performed following the official documentation under RHEL 9 and Ubuntu 22.04 operating systems, or newer versions if available and supported.

## Issues
- _List here the detected issues_
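Review bot: The two prerequisite items are committed as `- [x]` with placeholder references (`\<indexer-opensearch-compatibility-issue>`, `\<dashboard-opensearch-compatibility-issue>`), so every new issue opens with its prerequisites already shown as done, before any issue has been linked. Start them as `- [ ]`. The wording in the same block needs a pass: "the main correct communication of Indexer and Dashboard" and "Verify the packages installs".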
2 changes: 1 addition & 1 deletion .github/ISSUE_TEMPLATE/feature_request.md
Expand Up @@ -2,7 +2,7 @@
name: 🎆 Feature request
about: Suggest an idea for this project
title: ''
labels: 'enhancement, untriaged'
labels: ["type/enhancement", "level/task"]
assignees: ''
---
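Review bot: `labels` now assigns `level/task` to every feature request at creation and no longer applies `untriaged`, so an idea filed from outside the team is labelled like planned work before anyone has reviewed it. Consider leaving the level label to be set during triage.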

23 changes: 23 additions & 0 deletions .github/ISSUE_TEMPLATE/feature_template.md
@@ -0,0 +1,23 @@
---
name: "Feature template"
about: "[Internal] Used within Wazuh dev team to describe a new development of a produt's feature."
title: ""
labels: ["type/enhancement", "level/task"]
assignees: ""
---

## Description

...

## Functional requirements

- ...

## Implementation restrictions

- ...

## Plan

- [ ] ...
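Review bot: Typo in `about`: "produt's" should be "product's". The `[Internal]` marker appears only in that description, and templates under `.github/ISSUE_TEMPLATE/` are offered to anyone opening an issue; if outside use is not intended, say so in `name` as well. This file also double-quotes its front-matter values while the other new templates use single quotes or none.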
@@ -0,0 +1,30 @@
---
name: Integrations maintenance request
about: Used by the Indexer team to maintain third-party software integrations and track the results.
title: Integrations maintenance request
labels: level/task, request/operational, type/maintenance
assignees: ""
---

## Description

The Wazuh Indexer team is responsible for the maintenance of the third-party integrations hosted in the wazuh/wazuh-indexer repository. We must ensure these integrations work under new releases of the third-party software (Splunk, Elastic, Logstash, …) and our own.

For that, we need to:

- [ ] Create a pull request that upgrades the components to the latest version.
- [ ] Update our testing environments to verify the integrations work under new versions.
- [ ] Test the integrations, checking that:
- The Docker Compose project starts without errors.
- The data arrives to the destination.
- All the dashboards can be imported successfully.
- All the dashboards are populated with data.
- [ ] Finally, upgrade the compatibility matrix in integrations/README.md with the new versions.

> [!NOTE]
> * For Logstash, we use the logstash-oss image.
> * For Wazuh Indexer and Wazuh Dashboard, we use the opensearch and opensearch-dashboards images. These must match the opensearch version that we support (e.g: for Wazuh 4.9.0 it is OpenSearch 2.13.0).

## Issues

- _List here the detected issues_
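Review bot: The NOTE gives "for Wazuh 4.9.0 it is OpenSearch 2.13.0" as the version pairing, which is already behind the 2.17.1 in this PR's title and will keep ageing; point to the compatibility matrix in integrations/README.md instead of hard-coding a pair. The four bullets under "Test the integrations, checking that:" appear at the same level as the checkboxes in this view; make sure they are indented in the file so they render as sub-items of that checkbox.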