From e8b54c06e37a9508ef35a464e32e3fcadc6878c6 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?=C3=81lex=20Ruiz?=
Date: Mon, 10 Feb 2025 12:57:12 +0100
Subject: [PATCH] Update references from "master" to "main" (#682)
* Update references from "master" to "main"
* More replacements
---
 .github/workflows/build-push-docker-image.yml | 8 ++--
 .github/workflows/build.yml | 8 ++--
 CHANGELOG.md | 2 +-
 build-scripts/README.md | 4 +-
 docker/builder/builder.sh | 8 ++--
 docker/builder/compose.yml | 4 +-
 docker/builder/entrypoint.sh | 4 +-
 ecs/scripts/generate-pr-to-plugins.sh | 6 +--
 integrations/amazon-security-lake/README.md | 37 ++++++++++++-------
 9 files changed, 46 insertions(+), 35 deletions(-)
diff --git a/.github/workflows/build-push-docker-image.yml b/.github/workflows/build-push-docker-image.yml
index 27850f6221610..b384775503ba8 100644
--- a/.github/workflows/build-push-docker-image.yml
+++ b/.github/workflows/build-push-docker-image.yml
@@ -23,12 +23,12 @@ on:
 wazuh_plugins_ref:
 description: "Branch, commit or tag for the wazuh-indexer-plugins repository."
 type: string
- default: "master"
+ default: "main"
 required: false
 reporting_plugin_ref:
 description: "Branch, commit or tag for the wazuh-indexer-reporting repository."
 type: string
- default: "master"
+ default: "main"
 required: false
 workflow_call:
 inputs:
@@ -48,12 +48,12 @@ on:
 wazuh_plugins_ref:
 description: "Branch, commit or tag for the wazuh-indexer-plugins repository."
 type: string
- default: "master"
+ default: "main"
 required: false
 reporting_plugin_ref:
 description: "Branch, commit or tag for the wazuh-indexer-reporting repository."
 type: string
- default: "master"
+ default: "main"
 required: false
 secrets:
 QUAY_USERNAME:
diff --git a/.github/workflows/build.yml b/.github/workflows/build.yml
index f6628187238d2..7ac9c1a2a2757 100644
--- a/.github/workflows/build.yml
+++ b/.github/workflows/build.yml
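Review bot: The `default: "main"` on `wazuh_plugins_ref` and `reporting_plugin_ref` in build-push-docker-image.yml is a moving ref, so a run started without explicit inputs builds from whatever commit is at the branch tip of the two plugin repositories at that moment, and this workflow declares registry secrets (`QUAY_USERNAME`), so the result is presumably published. The input descriptions should say so and point release builds at an immutable ref, for example `description: "Branch, commit or tag for the wazuh-indexer-plugins repository. The default tracks the branch tip; pass a tag or commit SHA for reproducible builds."`. The same applies to the four defaults changed in build.yml, two of which have no description at all. How the ref is consumed is outside these hunks, so it is also worth confirming that both plugin repositories already have a `main` branch before this merges, since default runs would otherwise presumably fail when resolving the ref.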
@@ -55,11 +55,11 @@ on:
 wazuh_plugins_ref:
 description: "Branch, commit or tag for the wazuh-indexer-plugins repository."
 type: string
- default: "master"
+ default: "main"
 reporting_plugin_ref:
 description: "Branch, commit or tag for the wazuh-indexer-reporting repository."
 type: string
- default: "master"
+ default: "main"
 workflow_call:
 inputs:
 revision:
@@ -86,10 +86,10 @@ on:
 required: false
 wazuh_plugins_ref:
 type: string
- default: "master"
+ default: "main"
 reporting_plugin_ref:
 type: string
- default: "master"
+ default: "main"
 secrets:
 CI_INTERNAL_DEVELOPMENT_BUCKET_USER_ACCESS_KEY:
 required: true
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 0af0e7396d9a9..f18bde02930d8 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -19,4 +19,4 @@ The format is based on [Keep a Changelog](https://keepachangelog.com/en/1.0.0/),
 ### Security
-[Unreleased 5.0.x]: https://github.com/wazuh/wazuh-indexer/compare/4.10.2...master
+[Unreleased 5.0.x]: https://github.com/wazuh/wazuh-indexer/compare/99a9a81da366173b0c2b963b26ea92e15ef34547...main
diff --git a/build-scripts/README.md b/build-scripts/README.md
index 04005f36bc955..05667c31a0e85 100644
--- a/build-scripts/README.md
+++ b/build-scripts/README.md
@@ -25,8 +25,8 @@ Use the script under `wazuh-indexer/docker/builder/builder.sh` to build a packag
 Usage: ./builder.sh [args]
 Arguments:
--p INDEXER_PLUGINS_BRANCH [Optional] wazuh-indexer-plugins repo branch, default is 'master'.
--r INDEXER_REPORTING_BRANCH [Optional] wazuh-indexer-reporting repo branch, default is 'master'.
+-p INDEXER_PLUGINS_BRANCH [Optional] wazuh-indexer-plugins repo branch, default is 'main'.
+-r INDEXER_REPORTING_BRANCH [Optional] wazuh-indexer-reporting repo branch, default is 'main'.
 -R REVISION [Optional] Package revision, default is '0'.
 -s STAGE [Optional] Staging build, default is 'false'.
 -d DISTRIBUTION [Optional] Distribution, default is 'rpm'.
diff --git a/docker/builder/builder.sh b/docker/builder/builder.sh
index cbd904518540a..759ee2f449dc6 100755
--- a/docker/builder/builder.sh
+++ b/docker/builder/builder.sh
@@ -66,8 +66,8 @@ function parse_args() {
 done
 ## Set defaults:
- [ -z "$INDEXER_PLUGINS_BRANCH" ] && INDEXER_PLUGINS_BRANCH="master"
- [ -z "$INDEXER_REPORTING_BRANCH" ] && INDEXER_REPORTING_BRANCH="master"
+ [ -z "$INDEXER_PLUGINS_BRANCH" ] && INDEXER_PLUGINS_BRANCH="main"
+ [ -z "$INDEXER_REPORTING_BRANCH" ] && INDEXER_REPORTING_BRANCH="main"
 [ -z "$REVISION" ] && REVISION="0"
 [ -z "$IS_STAGE" ] && IS_STAGE="false"
 [ -z "$DISTRIBUTION" ] && DISTRIBUTION="rpm"
@@ -82,8 +82,8 @@ function usage() {
 echo "Usage: $0 [args]"
 echo ""
 echo "Arguments:"
- echo -e "-p INDEXER_PLUGINS_BRANCH\t[Optional] wazuh-indexer-plugins repo branch, default is 'master'."
- echo -e "-r INDEXER_REPORTING_BRANCH\t[Optional] wazuh-indexer-reporting repo branch, default is 'master'."
+ echo -e "-p INDEXER_PLUGINS_BRANCH\t[Optional] wazuh-indexer-plugins repo branch, default is 'main'."
+ echo -e "-r INDEXER_REPORTING_BRANCH\t[Optional] wazuh-indexer-reporting repo branch, default is 'main'."
 echo -e "-R REVISION\t[Optional] Package revision, default is '0'."
 echo -e "-s STAGE\t[Optional] Staging build, default is 'false'."
 echo -e "-d DISTRIBUTION\t[Optional] Distribution, default is 'rpm'."
diff --git a/docker/builder/compose.yml b/docker/builder/compose.yml
index d2b8338fa65c4..d14d7a3c8b0ee 100644
--- a/docker/builder/compose.yml
+++ b/docker/builder/compose.yml
@@ -6,8 +6,8 @@ services:
 context: ./../..
 dockerfile: ${REPO_PATH}/docker/builder/Dockerfile
 environment:
- - INDEXER_PLUGINS_BRANCH=${INDEXER_PLUGINS_BRANCH:-master}
- - INDEXER_REPORTING_BRANCH=${INDEXER_REPORTING_BRANCH:-master}
+ - INDEXER_PLUGINS_BRANCH=${INDEXER_PLUGINS_BRANCH:-main}
+ - INDEXER_REPORTING_BRANCH=${INDEXER_REPORTING_BRANCH:-main}
 - REVISION=${REVISION:-0}
 - IS_STAGE=${IS_STAGE:-false}
 - DISTRIBUTION=${DISTRIBUTION:-rpm}
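Review bot: The default branch name is written out four times in builder.sh alone (twice in `parse_args`, twice in the `usage` text) and again as `${INDEXER_PLUGINS_BRANCH:-main}` fallbacks in compose.yml and entrypoint.sh, and the "More replacements" line in the commit message suggests some copies were missed on the first pass. Within builder.sh a single variable would keep the help text and the behaviour from drifting, e.g. `DEFAULT_PLUGINS_BRANCH="main"` used as `[ -z "$INDEXER_PLUGINS_BRANCH" ] && INDEXER_PLUGINS_BRANCH="$DEFAULT_PLUGINS_BRANCH"` and interpolated into the `echo -e` line. If builder.sh always exports these variables before compose runs (not visible here), a comment on the compose.yml fallbacks saying they apply only to direct `docker compose` use would also help. Both `parse_args` and `usage` start and end outside these hunks.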
diff --git a/docker/builder/entrypoint.sh b/docker/builder/entrypoint.sh
index 980502d4894e1..19734794702b6 100644
--- a/docker/builder/entrypoint.sh
+++ b/docker/builder/entrypoint.sh
@@ -4,8 +4,8 @@ set -e
 # Set default values for environment variables
-INDEXER_PLUGINS_BRANCH=${INDEXER_PLUGINS_BRANCH:-master}
-INDEXER_REPORTING_BRANCH=${INDEXER_REPORTING_BRANCH:-master}
+INDEXER_PLUGINS_BRANCH=${INDEXER_PLUGINS_BRANCH:-main}
+INDEXER_REPORTING_BRANCH=${INDEXER_REPORTING_BRANCH:-main}
 REVISION=${REVISION:-0}
 IS_STAGE=${IS_STAGE:-false}
 DISTRIBUTION=${DISTRIBUTION:-rpm}
diff --git a/ecs/scripts/generate-pr-to-plugins.sh b/ecs/scripts/generate-pr-to-plugins.sh
index 6a178618536e7..08303890a3c0f 100644
--- a/ecs/scripts/generate-pr-to-plugins.sh
+++ b/ecs/scripts/generate-pr-to-plugins.sh
@@ -7,7 +7,7 @@ TEMPLATES_PATH="plugins/setup/src/main/resources/"
 PLUGINS_REPO="wazuh/wazuh-indexer-plugins"
 CURRENT_PATH=$(pwd)
 OUTPUT_PATH=${OUTPUT_PATH:-"$CURRENT_PATH"/../output}
-BASE_BRANCH=${BASE_BRANCH:-master}
+BASE_BRANCH=${BASE_BRANCH:-main}
 PLUGINS_LOCAL_PATH=${PLUGINS_LOCAL_PATH:-"$CURRENT_PATH"/../wazuh-indexer-plugins}
 # Committer's identity
@@ -49,7 +49,7 @@ check_running_on_gha() {
 detect_modified_modules() {
 echo
 echo "---> Fetching and extracting modified ECS modules..."
- git fetch origin +refs/heads/master:refs/remotes/origin/master
+ git fetch origin +refs/heads/main:refs/remotes/origin/main
 local modified_files
 local updated_modules=()
 modified_files=$(git diff --name-only origin/"$BASE_BRANCH")
@@ -218,7 +218,7 @@ EOF
 gh auth login --with-token < token.txt
 if [ -z "$existing_pr" ]; then
- output=$(gh pr create --title "$title" --body "$body" --base master --head "$BRANCH_NAME")
+ output=$(gh pr create --title "$title" --body "$body" --base main --head "$BRANCH_NAME")
 pr_url=$(echo "$output" | grep -oP 'https://github.com/\S+')
 export PR_URL="$pr_url"
 echo "New pull request created: $PR_URL"
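Review bot: In generate-pr-to-plugins.sh, `detect_modified_modules` still fetches a hard-coded ref (`+refs/heads/main:refs/remotes/origin/main`) but two lines later diffs against `origin/"$BASE_BRANCH"`, so whenever `BASE_BRANCH` is overridden the ref being compared is never fetched and the module list is computed against a missing or stale ref. The fetch should follow the variable: `git fetch origin "+refs/heads/${BASE_BRANCH}:refs/remotes/origin/${BASE_BRANCH}"`. The third hunk hard-codes `--base main` in `gh pr create` in the same way; that base appears to belong to the plugins repository rather than this one, so it probably deserves its own overridable variable instead of reusing `BASE_BRANCH`. Separately from the rename, the context line `gh auth login --with-token < token.txt` reads a credential from a file in the working directory of a script that also commits, so check that the file is deleted after login and cannot be staged (not visible in this hunk). Both functions continue outside the hunks shown.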
diff --git a/integrations/amazon-security-lake/README.md b/integrations/amazon-security-lake/README.md
index 3ed15851ef17e..989bbbafc868b 100644
--- a/integrations/amazon-security-lake/README.md
+++ b/integrations/amazon-security-lake/README.md
@@ -2,17 +2,28 @@
 ## Table of Contents
-- [Introduction](#introduction)
-- [Prerequisites](#prerequisites)
-- [Integration guide](#integration-guide)
- - [Configure Amazon Security Lake](#configure-amazon-security-lake)
- - [Create an AWS S3 bucket](#create-an-s3-bucket-to-store-events)
- - [Configure the AWS Lambda function](#create-an-aws-lambda-function)
- - [Validation](#validation)
- - [Install and configure Logstash](#install-and-configure-logstash)
-- [OCSF mapping](#ocsf-mapping)
-- [Troubleshooting](#troubleshooting)
-- [Support](#support)
+- [Wazuh to Amazon Security Lake Integration Guide](#wazuh-to-amazon-security-lake-integration-guide)
+ - [Table of Contents](#table-of-contents)
+ - [Introduction](#introduction)
+ - [Amazon Security Lake](#amazon-security-lake)
+ - [Open Cybersecurity Schema Framework](#open-cybersecurity-schema-framework)
+ - [Wazuh Security Events](#wazuh-security-events)
+ - [Wazuh Security Events to Amazon Security Lake](#wazuh-security-events-to-amazon-security-lake)
+ - [Prerequisites](#prerequisites)
+ - [Integration guide](#integration-guide)
+ - [Configure Amazon Security Lake](#configure-amazon-security-lake)
+ - [Create a custom source for Wazuh](#create-a-custom-source-for-wazuh)
+ - [Create an S3 bucket to store events](#create-an-s3-bucket-to-store-events)
+ - [Create an AWS Lambda function](#create-an-aws-lambda-function)
+ - [Validation](#validation)
+ - [Install and configure Logstash](#install-and-configure-logstash)
+ - [Configure the Logstash pipeline](#configure-the-logstash-pipeline)
+ - [Running Logstash](#running-logstash)
+ - [OCSF Mapping](#ocsf-mapping)
+ - [Metadata](#metadata)
+ - [Security events](#security-events)
+ - [Troubleshooting](#troubleshooting)
+ - [Support](#support)
 ## Introduction
@@ -31,8 +42,8 @@ Wazuh uses rules to monitor the events and logs in your network to detect securi
 **References**:
 - https://documentation.wazuh.com/current/user-manual/ruleset/getting-started.html#github-repository
-- https://github.com/wazuh/wazuh/tree/master/ruleset/rules
-- https://github.com/wazuh/wazuh/blob/master/extensions/elasticsearch/7.x/wazuh-template.json
+- https://github.com/wazuh/wazuh/tree/main/ruleset/rules
+- https://github.com/wazuh/wazuh/blob/main/extensions/elasticsearch/7.x/wazuh-template.json
 ### Wazuh Security Events to Amazon Security Lake