Migrate 4.12.0 to 2.19.0 #695

Merged
merged 115 commits into from
Feb 20, 2025
dd261e4
Init wazuh-indexer (#3)
AlexRuiz7 Aug 3, 2023
b8a3c26
Create codeql.yml
AlexRuiz7 Aug 3, 2023
fccc307
Update dependabot.yml
AlexRuiz7 Aug 3, 2023
c367b3e
Update SECURITY.md (#30)
AlexRuiz7 Sep 19, 2023
3f6184b
Add ECS mappings generator (#36)
AlexRuiz7 Oct 9, 2023
db84d83
Add default query fields to vulnerability detector index (#40)
AlexRuiz7 Oct 20, 2023
fee814b
Create gradle_build.yml
AlexRuiz7 Oct 20, 2023
ea321d5
Update gradle_build.yml
AlexRuiz7 Oct 20, 2023
99a59eb
Add a script to configure the rollover policy (#49)
AlexRuiz7 Nov 2, 2023
f87b34d
Update ISM init script (#50)
AlexRuiz7 Nov 7, 2023
a310efa
Fix bug with -i option (#51)
AlexRuiz7 Nov 8, 2023
70a3629
Update min_doc_count value (#52)
AlexRuiz7 Nov 14, 2023
32d2bfc
Improve ISM init script (#57)
AlexRuiz7 Nov 15, 2023
c65abcd
Update distribution files (#59)
AlexRuiz7 Nov 22, 2023
cb89482
Update documentation of the ECS tooling (#67)
AlexRuiz7 Nov 28, 2023
da1e56a
Add workflow for package generation (#65)
AlexRuiz7 Nov 28, 2023
63a5dae
Add docker compose environment (#66)
AlexRuiz7 Nov 29, 2023
5593e18
Rename packages to wazuh-indexer (#69)
AlexRuiz7 Dec 5, 2023
1fc0270
Update vulnerability index mappings (#75)
AlexRuiz7 Dec 7, 2023
ceae1fa
Update `indexer-ism-init.sh` (#81)
AlexRuiz7 Dec 18, 2023
7dca1e3
Add workflow to assemble packages (#85)
AlexRuiz7 Dec 26, 2023
e98a2fd
Fix yellow cluster state (#95)
AlexRuiz7 Dec 27, 2023
37cc9dd
Update ism-init script (#97)
AlexRuiz7 Jan 3, 2024
0819e41
Add tools to assemble DEB packages (#96)
AlexRuiz7 Jan 4, 2024
e42526d
Update README.md
AlexRuiz7 Jan 4, 2024
9730f70
Build scripts and GH workflows artifacts naming fix (#112)
f-galland Jan 10, 2024
4e10c75
Use short SHA as Git reference in packages naming (#100)
f-galland Jan 10, 2024
4602261
Remove unneeded files from assembled packages (#115)
f-galland Jan 12, 2024
2774dd6
Add missing tools and files back into Wazuh Indexer packages (#117)
f-galland Jan 12, 2024
3356f22
Remove unneeded symbolic links from assembled packages (#121)
f-galland Jan 15, 2024
4d49300
Update issue templates (#127)
AlexRuiz7 Jan 16, 2024
f9b93bf
Fix RPM package references to /var/run (#119)
f-galland Jan 18, 2024
ba47bea
Removing post-install message from wazuh-indexer.rpm.spec (#131)
f-galland Jan 18, 2024
57decd5
Add tests to the packages building process (#132)
AlexRuiz7 Jan 18, 2024
704e3f9
Get Wazuh version from VERSION file (#122)
f-galland Jan 19, 2024
3c50d14
Removing /usr/share/lintian/overrides/wazuh-indexer from deb packages…
f-galland Jan 19, 2024
e9dfe30
Add `wazuh-template.json` to packages (#116)
f-galland Jan 19, 2024
2a2e7d2
Adding Debian packaging config files from Opensearch (#118)
f-galland Jan 19, 2024
3be5676
Fix Build workflow to run on push events (#134)
AlexRuiz7 Jan 19, 2024
90aabeb
Use maven for plugin download (#139)
f-galland Jan 22, 2024
45cf392
Add new custom field to the vulnerability detector index (#141)
AlexRuiz7 Jan 25, 2024
01c8b91
Fine tuning permissions on assembled packages (#137)
f-galland Jan 30, 2024
e0c7a77
Init. Amazon Security Lake integration (#143)
AlexRuiz7 Jan 31, 2024
787468e
Add events generator tool for `wazuh-alerts` (#152)
AlexRuiz7 Feb 15, 2024
5e6343c
Add `wazuh.manager.name` to VD mappings (#158)
AlexRuiz7 Feb 20, 2024
02e55fd
Create compatibility_request.md (#163)
AlexRuiz7 Feb 23, 2024
e410f60
Add Python module to accomplish OCSF compliant events (#159)
AlexRuiz7 Mar 4, 2024
af87678
Update Gradle setup action (#182)
AlexRuiz7 Mar 7, 2024
bbf0cda
Update vulnerability-states fields (#177)
AlexRuiz7 Mar 7, 2024
093012d
Automate package's testing (#178)
AlexRuiz7 Mar 8, 2024
04ebe06
Remove ecs.version from query.default_fields (#184)
AlexRuiz7 Mar 8, 2024
e692b90
Upload packages to S3 (#179)
AlexRuiz7 Mar 8, 2024
c1ccc31
Add bash to Docker dev image (#185)
AlexRuiz7 Mar 15, 2024
4a8a002
Update wazuh-states-vulnerabilities index mapping (#191)
AlexRuiz7 Mar 26, 2024
95c0a53
Add pipeline to generate release packages (#193)
AlexRuiz7 Mar 27, 2024
73ce6ea
Build Docker images (#194)
AlexRuiz7 Apr 4, 2024
5bb68c0
Add on.workflow_call to build_single.yml workflow (#200)
AlexRuiz7 Apr 9, 2024
703796f
Add Python module to implement Amazon Security Lake integration (#186)
AlexRuiz7 Apr 9, 2024
e3cee85
Replace choice with string on workflow_call (#207)
AlexRuiz7 Apr 18, 2024
bfd2913
Use AWS_REGION secret (#209)
AlexRuiz7 Apr 24, 2024
4675b7c
Add Lambda function for the Amazon Security Lake integration (#189)
AlexRuiz7 Apr 24, 2024
7764594
Bump Java version in Docker environments (#210)
AlexRuiz7 Apr 26, 2024
e896999
Fix access denied error during log rotation (#212)
AlexRuiz7 Apr 26, 2024
e91ade7
Save intermediate OCSF files to an S3 bucket (#218)
AlexRuiz7 Apr 26, 2024
f05ca1d
Fix Parquet files format (#217)
AlexRuiz7 Apr 26, 2024
fec606e
Fix mapping to Detection Finding OCSF class (#220)
AlexRuiz7 Apr 29, 2024
6462c94
Map events to OCSF's Security Finding class (#221)
AlexRuiz7 Apr 30, 2024
76024c4
Add ID input to workflows (#229)
rauldpm May 17, 2024
b219e34
Add OPENSEARCH_TMPDIR variable to service and create directory in pac…
f-galland May 21, 2024
8fb78fa
Improve workflow's run-name with target system and architecture (#237)
AlexRuiz7 May 28, 2024
b0dde9a
Add documentation for the Amazon Security Lake integration (#226)
AlexRuiz7 May 28, 2024
fce1b74
Rename environment variable (#240)
AlexRuiz7 May 28, 2024
93f998a
Remove maintainer-approval.yml (#241)
AlexRuiz7 May 28, 2024
966989a
Improve logging and error handling on ASL Lambda function (#242)
AlexRuiz7 May 29, 2024
64a6973
Update .gitattributes (#243)
AlexRuiz7 May 29, 2024
8e89049
Change . for : in debian's postinst (#245)
f-galland May 31, 2024
0f9561d
Add integration with Elastic (#248)
AlexRuiz7 Jun 5, 2024
d85add0
Added S3 URI output to package generation upload (#249)
rauldpm Jun 7, 2024
049650d
Add OpenSearch integration (#258)
f-galland Jun 7, 2024
fe0a23c
Add Splunk integration (#257)
AlexRuiz7 Jun 11, 2024
a522bad
Add Manager to Elastic integration (#266)
AlexRuiz7 Jun 12, 2024
573403c
Add Manager to Splunk integration (#268)
AlexRuiz7 Jun 14, 2024
7d6e274
Add Manager to OpenSearch integration (#267)
AlexRuiz7 Jun 14, 2024
fac5791
Attempt nr.2 to fix #277 (#280)
AlexRuiz7 Jun 25, 2024
ace4c65
Remove references to indexer-ism-init.sh and wazuh-template.json (#281)
f-galland Jun 25, 2024
c8b33d4
Bump 4.10.0 (#272)
AlexRuiz7 Jun 20, 2024
3726e8f
Merge 4.9.1 into 4.10.0 (#358)
AlexRuiz7 Aug 20, 2024
9bd1df6
Merge 4.9.2 into 4.10.0 (#378)
AlexRuiz7 Sep 6, 2024
623e1c7
Fix build.gradle (#381)
AlexRuiz7 Sep 9, 2024
3099d25
Remove old compose files for integrations (#386)
AlexRuiz7 Sep 9, 2024
9ba3d79
Delete integrations/docker/amazon-security-lake.yml
AlexRuiz7 Sep 9, 2024
1ef1f95
Delete integrations/docker/config directory
AlexRuiz7 Sep 9, 2024
06fbed7
Update vulnerability detector index template (#383)
AlexRuiz7 Sep 9, 2024
aacb9e7
Merge 4.9.1 into 4.10.0 (#426)
AlexRuiz7 Sep 23, 2024
1f87707
Bump version to 4.10.1 (#430)
AlexRuiz7 Sep 24, 2024
57bf979
Support new version 4.10.2 (#441)
AlexRuiz7 Oct 3, 2024
56d47e5
Enable assembly of ARM packages (#444)
AlexRuiz7 Oct 4, 2024
768c9b0
Merge 4.10.1 into 4.10.2 (#473)
AlexRuiz7 Oct 17, 2024
a915636
Merge 4.10.1 into 4.10.2 (#513)
AlexRuiz7 Nov 5, 2024
5bafdc2
Fix startup errors on STIG compliant systems due to noexec filesystem…
QU3B1M Nov 25, 2024
5367c1e
Merge 4.10.1 into 4.10.2 (#597)
AlexRuiz7 Dec 13, 2024
aae024e
Support new Wazuh version 4.10.3. (#600)
AlexRuiz7 Dec 18, 2024
b62bb89
Support new Wazuh version 4.12.0 (#617)
AlexRuiz7 Dec 23, 2024
291c8e0
Merge 4.11.0 into 4.12.0 (#635)
AlexRuiz7 Jan 10, 2025
e0da93d
Add scanner.condition custom field to VD (#637)
QU3B1M Jan 10, 2025
bfbca1a
Merge 4.11.0 into 4.12.0 (#647)
AlexRuiz7 Jan 17, 2025
4943586
Update Vulnerability Scanner package.size ECS field to unsigned_long …
QU3B1M Feb 3, 2025
a045b8b
Merge 4.11.0 into 4.12.0 (#670)
AlexRuiz7 Feb 4, 2025
7f152c5
Bump Gradle and JDK version
AlexRuiz7 Feb 19, 2025
48be680
Fix Changelog
AlexRuiz7 Feb 19, 2025
d513093
Fix Gradle scripts
AlexRuiz7 Feb 19, 2025
b4ecdde
Bump setup-java to JDK21
AlexRuiz7 Feb 19, 2025
e949930
Update Gradle to 8.12
AlexRuiz7 Feb 19, 2025
282c557
Add vulnerability.scanner.reference field to VD and alerts indexes (#…
AlexRuiz7 Feb 20, 2025
2bb9be6
Version file standardization (#693)
f-galland Feb 20, 2025
9 changes: 9 additions & 0 deletions .gitattributes
Expand Up @@ -11,3 +11,12 @@
*.crt binary
*.p12 binary
*.txt text=auto

# Image
*.ai filter=lfs diff=lfs merge=lfs -text
*.gif filter=lfs diff=lfs merge=lfs -text
*.jpg filter=lfs diff=lfs merge=lfs -text
*.jpeg filter=lfs diff=lfs merge=lfs -text
*.png filter=lfs diff=lfs merge=lfs -text
*.psd filter=lfs diff=lfs merge=lfs -text
*.tga filter=lfs diff=lfs merge=lfs -text
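
Review bot: The new `filter=lfs` patterns for `*.png`, `*.jpg` and the other image types mean every checkout of this repository now needs Git LFS; a clone or CI job without it gets small pointer files instead of the images. Please confirm that the build and packaging workflows fetch LFS objects, and state in the PR whether images already in history are being migrated, since adding these patterns does not by itself convert files that are already committed.
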
26 changes: 1 addition & 25 deletions .github/CODEOWNERS
Expand Up @@ -10,28 +10,4 @@
# 2. Go to a file
# 3. Use the command palette to run the CODEOWNERS: Show owners of current file command, which will display all code owners for the current file.

# Default ownership for all repo files
* @anasalkouz @andrross @ashking94 @Bukhtawar @CEHENKLE @cwperks @dblock @dbwiddis @gbbafna @jainankitk @kotwanikunal @linuxpi @mch2 @msfroh @nknize @owaiskazi19 @reta @Rishikesh1159 @sachinpkale @saratvemulapalli @shwetathareja @sohami @VachaShah

/modules/lang-painless/ @anasalkouz @andrross @ashking94 @Bukhtawar @CEHENKLE @dblock @dbwiddis @gbbafna @jed326 @kotwanikunal @mch2 @msfroh @nknize @owaiskazi19 @reta @Rishikesh1159 @sachinpkale @saratvemulapalli @shwetathareja @sohami @VachaShah
/modules/parent-join/ @anasalkouz @andrross @ashking94 @Bukhtawar @CEHENKLE @dblock @dbwiddis @gbbafna @jed326 @kotwanikunal @mch2 @msfroh @nknize @owaiskazi19 @reta @Rishikesh1159 @sachinpkale @saratvemulapalli @shwetathareja @sohami @VachaShah
/modules/transport-netty4/ @peternied

/plugins/identity-shiro/ @peternied @cwperks

/server/src/internalClusterTest/java/org/opensearch/index/ @anasalkouz @andrross @ashking94 @Bukhtawar @CEHENKLE @cwperks @dblock @dbwiddis @gbbafna @jed326 @kotwanikunal @mch2 @msfroh @nknize @owaiskazi19 @reta @Rishikesh1159 @sachinpkale @saratvemulapalli @shwetathareja @sohami @VachaShah
/server/src/internalClusterTest/java/org/opensearch/search/ @anasalkouz @andrross @ashking94 @Bukhtawar @CEHENKLE @cwperks @dblock @dbwiddis @gbbafna @jed326 @kotwanikunal @mch2 @msfroh @nknize @owaiskazi19 @reta @Rishikesh1159 @sachinpkale @saratvemulapalli @shwetathareja @sohami @VachaShah

/server/src/main/java/org/opensearch/extensions/ @peternied
/server/src/main/java/org/opensearch/identity/ @peternied @cwperks
/server/src/main/java/org/opensearch/index/ @anasalkouz @andrross @ashking94 @Bukhtawar @CEHENKLE @cwperks @dblock @dbwiddis @gbbafna @jed326 @kotwanikunal @mch2 @msfroh @nknize @owaiskazi19 @reta @Rishikesh1159 @sachinpkale @saratvemulapalli @shwetathareja @sohami @VachaShah
/server/src/main/java/org/opensearch/search/ @anasalkouz @andrross @ashking94 @Bukhtawar @CEHENKLE @cwperks @dblock @dbwiddis @gbbafna @jed326 @kotwanikunal @mch2 @msfroh @nknize @owaiskazi19 @reta @Rishikesh1159 @sachinpkale @saratvemulapalli @shwetathareja @sohami @VachaShah
/server/src/main/java/org/opensearch/threadpool/ @jed326 @peternied
/server/src/main/java/org/opensearch/transport/ @peternied

/server/src/test/java/org/opensearch/index/ @anasalkouz @andrross @ashking94 @Bukhtawar @CEHENKLE @cwperks @dblock @dbwiddis @gbbafna @jed326 @kotwanikunal @mch2 @msfroh @nknize @owaiskazi19 @reta @Rishikesh1159 @sachinpkale @saratvemulapalli @shwetathareja @sohami @VachaShah
/server/src/test/java/org/opensearch/search/ @anasalkouz @andrross @ashking94 @Bukhtawar @CEHENKLE @cwperks @dblock @dbwiddis @gbbafna @jed326 @kotwanikunal @mch2 @msfroh @nknize @owaiskazi19 @reta @Rishikesh1159 @sachinpkale @saratvemulapalli @shwetathareja @sohami @VachaShah

/.github/ @jed326 @peternied

/MAINTAINERS.md @anasalkouz @andrross @ashking94 @Bukhtawar @CEHENKLE @cwperks @dblock @dbwiddis @gaobinlong @gbbafna @jed326 @kotwanikunal @mch2 @msfroh @nknize @owaiskazi19 @peternied @reta @Rishikesh1159 @sachinpkale @saratvemulapalli @shwetathareja @sohami @VachaShah
* @wazuh/devel-xdrsiem-indexer
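
Review bot: The single `* @wazuh/devel-xdrsiem-indexer` rule replaces every path-specific entry, including the narrower one for `/.github/`, so changes to workflows and to CODEOWNERS itself now have the same reviewers as any other file. Consider keeping a dedicated `/.github/` line with a smaller owner set, and check that the team has write access and that branch protection requires code-owner review, otherwise the rule is not enforced.
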
2 changes: 1 addition & 1 deletion .github/ISSUE_TEMPLATE/bug_template.md
Expand Up @@ -2,7 +2,7 @@
name: 🐛 Bug report
about: Create a report to help us improve
title: "[BUG]"
labels: 'bug, untriaged'
labels: ["type/bug", "level/task"]
assignees: ''
---
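
Review bot: The `labels` change drops `untriaged`, so new bug reports no longer carry a marker that separates them from issues someone has already looked at. If triage is tracked another way this is fine; otherwise keep a triage label alongside `type/bug` and `level/task`, and confirm both new labels exist in this repository so they are actually applied.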

23 changes: 23 additions & 0 deletions .github/ISSUE_TEMPLATE/compatibility_request.md
@@ -0,0 +1,23 @@
---
name: Compatibility request
about: Suggest supporting a new version of OpenSearch
title: 'Compatibility with OpenSearch (version)'
labels: compatibility, level/task, type/research
assignees: ''

---

## Description
We need to ensure the compatibility with the next version of OpenSearch vX.X.
This update is still being discussed, but we need to be aware of potential issues.

For that, we need to:

- [ ] Review opensearch's release notes.
- [ ] Identify improvements and potential impact.
- [ ] Create new development branch.
- [ ] Develop a testing environment to verify our components would work under this new build.


## Issues
- _List here the detected issues_
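
Review bot: The checklist stops at building a test environment and has no item for reviewing security-relevant changes in the new OpenSearch release (fixed advisories, dependency bumps) or for recording the outcome. Suggest adding a checkbox for that, and capitalising `opensearch's` as `OpenSearch's` in the first item to match the rest of the template.
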
2 changes: 1 addition & 1 deletion .github/ISSUE_TEMPLATE/feature_request.md
Expand Up @@ -2,7 +2,7 @@
name: 🎆 Feature request
about: Suggest an idea for this project
title: ''
labels: 'enhancement, untriaged'
labels: ["type/enhancement", "level/task"]
assignees: ''
---
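
Review bot: `labels` is written here as a YAML list (`["type/enhancement", "level/task"]`), while the templates added in this same PR use a comma-separated string (`labels: compatibility, level/task, type/research`). Pick one form for all templates under `.github/ISSUE_TEMPLATE/` so they are easy to compare and lint.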

@@ -0,0 +1,30 @@
---
name: Integrations maintenance request
about: Used by the Indexer team to maintain third-party software integrations and track the results.
title: Integrations maintenance request
labels: level/task, request/operational, type/maintenance
assignees: ""
---

## Description

The Wazuh Indexer team is responsible for the maintenance of the third-party integrations hosted in the wazuh/wazuh-indexer repository. We must ensure these integrations work under new releases of the third-party software (Splunk, Elastic, Logstash, …) and our own.

For that, we need to:

- [ ] Create a pull request that upgrades the components to the latest version.
- [ ] Update our testing environments to verify the integrations work under new versions.
- [ ] Test the integrations, checking that:
- The Docker Compose project starts without errors.
- The data arrives to the destination.
- All the dashboards can be imported successfully.
- All the dashboards are populated with data.
- [ ] Finally, upgrade the compatibility matrix in integrations/README.md with the new versions.

> [!NOTE]
> * For Logstash, we use the logstash-oss image.
> * For Wazuh Indexer and Wazuh Dashboard, we use the opensearch and opensearch-dashboards images. These must match the opensearch version that we support (e.g: for Wazuh 4.9.0 it is OpenSearch 2.13.0).

## Issues

- _List here the detected issues_
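
Review bot: The first checklist item asks for an upgrade to "the latest version" without saying that image versions must be pinned, and the note names images (`logstash-oss`, `opensearch`, `opensearch-dashboards`) without tags. Suggest wording it as upgrading to a specific, recorded version so the tested versions match what goes into the compatibility matrix in `integrations/README.md`; the `4.9.0` / `2.13.0` example in the note will also go stale and could point to that matrix instead.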