Add global FIM and system inventories #7368
Open
+10,787
−24,318
Conversation
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
- Replace FIM inventory table based on indexer data - Add `fim.pattern` setting to define the FIM index pattern
…based on indexer data - Replace the tables of agent system inventory based on indexer data - Create sample datasets for system inventory
- Create a OpenSearch Dashboards client with ability to: - Saved objects/index patterns: create, delete, get all, exists - Add the ability to create the index pattern into Wazuh dashboard - Move repeated logic from datasets to common file
…rn creation requirement
…licts because the this was created due to component is mounted 2 times triggering the creation 2 times in parallel
- Add useNewFilterManager hook - Add additional tabs for document details
- Add data sources - Add system inventory apps: - Hosts - Network - Software - Processes - Split FIM inventory into files and registries
4 tasks
…ttern to system_inventory_systems.pattern
Updates the type for `columnSchemaDefinitionsMap` from `Record<string, unknown>` to `Record<string, tDataGridColumn`. Improves type safety and code clarity within data grid components.
…a' of https://github.com/wazuh/wazuh-kibana-app into change/wz-27903-fim-system-inventory-tables-indexer-data
This reverts commit 2d5c311.
This reverts commit 8d89e48.
This reverts commit 75850e2.
This reverts commit 8306fdf.
Assigns `DataGridState` as the default for the generic type parameter, removing the need to specify it explicitly in common use cases.
Passes a unique identifier (`moduleId` or `tableId`) to the `useDataGrid` hook.
Retrieves the configured page size from local storage state management when the data grid initializes. Ensures user preference for page size persists between sessions.
Updates the `tableId` prop to `tableID` for consistency with naming conventions.
Turns off the ESLint extension within the VS Code workspace.
… to refetch the data
…a' of https://github.com/wazuh/wazuh-kibana-app into change/wz-27903-fim-system-inventory-tables-indexer-data
- Refactor TableDataGrid component and create a new hook to create the new dashboard layout
Comment on lines
+1971
to
+1988
| validate: SettingsValidator.compose( | ||
| SettingsValidator.isString, | ||
| SettingsValidator.isNotEmptyString, | ||
| SettingsValidator.hasNoSpaces, | ||
| SettingsValidator.noLiteralString('.', '..'), | ||
| SettingsValidator.noStartsWithString('-', '_', '+', '.'), | ||
| SettingsValidator.hasNotInvalidCharacters( | ||
| '\\', | ||
| '/', | ||
| '?', | ||
| '"', | ||
| '<', | ||
| '>', | ||
| '|', | ||
| ',', | ||
| '#', | ||
| ), | ||
| ), |
There was a problem hiding this comment.
You could unify all these Validates, extract them into a separate function, and reuse them where appropriate, since they are all the same, exactly the same.
There was a problem hiding this comment.
Yes, you are right that the generated function validator is used for more settings and it could be refactored into a function. It could be enhanced in the future. For another hand, refactoring into a function, it could cause problem if the setting definitions are splitted on multiple plugins that can not access to the unified function. At this moment, all the settings are defined in the main/wazuh plugin so it could make sense to unify this definition. Taking into account the changes included in this PR, I do not consider this should delay the review.
…omance problems getting the suggestions using a query with script
|
|
|
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Description
This pull request adds global FIM and system inventories.
Changes:
IT HygienetoSecurity operationscategoryIT Hygieneto agent menusystem_inventory.patternfim.patternuseDataGridto manage error on initializationGET /api/syscollectorendpointPOST /reports/agents/{agentID}/inventoryAPI endpoint and extended reporting information related to syscollectorInventory dataviews and button from agent overviewSide changes
vulnerabilities.patternsetting instead of searching index pattern with title/id that containsvulnerabilities.display:tableIssues Resolved
#27903
Evidence
FIM > Inventory
IT Hygiene > Dashboard
Overview
Agent
IT Hygiene > Inventory
Agent overview
Dev Tools
New settings
Test
This pull request adds a sample data generator, see
scripts/sample-data/README.md. The indexed sample data expects you use the imposter API.Legend:
⚫: none
🟢: pass
🟡: warning
🔴: fail
⚪: not applicable
UI
Details
⚫ Go to agent welcome and the hardware/system information should be displayed in a new panel
Chrome - ⚫
Firefox - ⚫
Safari - ⚫
⚫ Go to agent welcome and click on in a FIM file and it should open a flyout with the inventory details related to the selected file
Chrome - ⚫
Firefox - ⚫
Safari - ⚫
⚫ Go to Server management > Dev Tools and it should not have any request related to syscollector (clean browser)
Chrome - ⚫
Firefox - ⚫
Safari - ⚫
⚫ Go to File integrity monitoring > Inventory and test the queries, filters and the table represents the expected data. Ensure the document details is working as expected.
Chrome - ⚫
Firefox - ⚫
Safari - ⚫
⚫ Go to System inventory > IT Hygiene > Dashboard and test the queries, filters and the dashboard represents the expected data.
Chrome - ⚫
Firefox - ⚫
Safari - ⚫
⚫ Go to System inventory > IT Hygiene > Inventory and test the queries, filters and the table represents the expected data. Ensure the document details is working as expected.
Chrome - ⚫
Firefox - ⚫
Safari - ⚫
⚫ With no FIM indices and no index pattern, go to File integrity monitoring > Inventory and this should display a prompt
Chrome - ⚫
Firefox - ⚫
Safari - ⚫
⚫ With no System inventory indices and no index pattern, go to IT Hygiene > Inventory and this should display a prompt
Chrome - ⚫
Firefox - ⚫
Safari - ⚫
⚫ With no System inventory indices and no index pattern, go to IT Hygiene > Dashboard and this should display a prompt
Chrome - ⚫
Firefox - ⚫
Safari - ⚫
⚫ With no FIM indices and index pattern, go to File integrity monitoring > Inventory and this should display a prompt related to data source was not initialized
Chrome - ⚫
Firefox - ⚫
Safari - ⚫
⚫ With no System inventory indices and index pattern, go to IT Hygiene > Inventory and this should display a prompt related to data source was not initialized
Chrome - ⚫
Firefox - ⚫
Safari - ⚫
Check List