
Commit 1366a00

authored
Update branch 3.12-8.0 (#913)
* Add new fim configuration * Bump version & update readme * Remove .pyc files * Update agent registration guide
1 parent 8aa89e9 commit 1366a00


16 files changed

+94
-9
lines changed


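--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -2,6 +2,13 @@
 
 All notable changes to the Wazuh app for Splunk project will be documented in this file.
 
+## Wazuh v3.12.1 - Splunk Enterprise v8.0.2.1 - Revision 58
+
+### Added
+
+- Support for Wazuh v3.12.1
+- Added new FIM settings on configuration on demand. [#912](https://github.com/wazuh/wazuh-splunk/issues/912)
+
 
 ## Wazuh v3.12.0 - Splunk Enterprise v8.0.2.1 - Revision 56
 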

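--- a/README.md
+++ b/README.md
@@ -63,12 +63,14 @@
 | 7.3.4 | 3.11.3 | <https://packages.wazuh.com/3.x/splunkapp/wazuhapp-splunk-3.11.3_7.3.4.tar.gz> |
 | 7.3.4 | 3.11.4 | <https://packages.wazuh.com/3.x/splunkapp/wazuhapp-splunk-3.11.4_7.3.4.tar.gz> |
 | 7.3.4 | 3.12.0 | <https://packages.wazuh.com/3.x/splunkapp/wazuhapp-splunk-3.12.0_7.3.4.tar.gz> |
+| 7.3.4 | 3.12.1 | <https://packages.wazuh.com/3.x/splunkapp/wazuhapp-splunk-3.12.1_7.3.4.tar.gz> |
 | 8.0.0 | 3.11.0 | <https://packages.wazuh.com/3.x/splunkapp/wazuhapp-splunk-3.11.0_8.0.0.tar.gz> |
 | 8.0.0 | 3.11.1 | <https://packages.wazuh.com/3.x/splunkapp/wazuhapp-splunk-3.11.1_8.0.0.tar.gz> |
 | 8.0.1 | 3.11.2 | <https://packages.wazuh.com/3.x/splunkapp/wazuhapp-splunk-3.11.2_8.0.1.tar.gz> |
 | 8.0.1 | 3.11.3 | <https://packages.wazuh.com/3.x/splunkapp/wazuhapp-splunk-3.11.3_8.0.1.tar.gz> |
 | 8.0.1 | 3.11.4 | <https://packages.wazuh.com/3.x/splunkapp/wazuhapp-splunk-3.11.4_8.0.1.tar.gz> |
 | 8.0.2 | 3.12.0 | <https://packages.wazuh.com/3.x/splunkapp/wazuhapp-splunk-3.12.0_8.0.2.tar.gz> |
+| 8.0.2 | 3.12.1 | <https://packages.wazuh.com/3.x/splunkapp/wazuhapp-splunk-3.12.1_8.0.2.tar.gz> |
 
 
 ## Upgrade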

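--- a/SplunkAppForWazuh/README.md
+++ b/SplunkAppForWazuh/README.md
@@ -65,12 +65,14 @@ Wazuh app for Splunk offers an option to visualize _Wazuh Alerts_ and _API data_
 | 7.3.2 | 3.11.0 | <https://packages.wazuh.com/3.x/splunkapp/wazuhapp-splunk-3.11.0_7.3.2.tar.gz> |
 | 7.3.2 | 3.11.1 | <https://packages.wazuh.com/3.x/splunkapp/wazuhapp-splunk-3.11.1_7.3.2.tar.gz> |
 | 7.3.4 | 3.12.0 | <https://packages.wazuh.com/3.x/splunkapp/wazuhapp-splunk-3.12.0_7.3.4.tar.gz> |
+| 7.3.4 | 3.12.1 | <https://packages.wazuh.com/3.x/splunkapp/wazuhapp-splunk-3.12.1_7.3.4.tar.gz> |
 | 8.0.0 | 3.11.0 | <https://packages.wazuh.com/3.x/splunkapp/wazuhapp-splunk-3.11.0_8.0.0.tar.gz> |
 | 8.0.0 | 3.11.1 | <https://packages.wazuh.com/3.x/splunkapp/wazuhapp-splunk-3.11.1_8.0.0.tar.gz> |
 | 8.0.1 | 3.11.2 | <https://packages.wazuh.com/3.x/splunkapp/wazuhapp-splunk-3.11.2_8.0.1.tar.gz> |
 | 8.0.1 | 3.11.3 | <https://packages.wazuh.com/3.x/splunkapp/wazuhapp-splunk-3.11.3_8.0.1.tar.gz> |
 | 8.0.1 | 3.11.4 | <https://packages.wazuh.com/3.x/splunkapp/wazuhapp-splunk-3.11.4_8.0.1.tar.gz> |
 | 8.0.2 | 3.12.0 | <https://packages.wazuh.com/3.x/splunkapp/wazuhapp-splunk-3.12.0_8.0.2.tar.gz> |
+| 8.0.2 | 3.12.1 | <https://packages.wazuh.com/3.x/splunkapp/wazuhapp-splunk-3.12.1_8.0.2.tar.gz> |
 
 ## Upgrade
 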

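--- a/SplunkAppForWazuh/appserver/static/js/controllers/management/configuration/integrity-monitoring/integrity-monitoring.html
+++ b/SplunkAppForWazuh/appserver/static/js/controllers/management/configuration/integrity-monitoring/integrity-monitoring.html
@@ -35,6 +35,8 @@
 diff</md-nav-item>
 <md-nav-item class="wz-nav-item" md-nav-click="switchConfigurationSubTab('fim-whodata')" ng-if="!agent || isLinux"
 name="fim-whodata">Who-data</md-nav-item>
+<md-nav-item class="wz-nav-item" md-nav-click="switchConfigurationSubTab('fim-synchronization')"
+name="fim-synchronization">Synchronization</md-nav-item>
 </md-nav-bar>
 <!-- End Integrity monitoring navigation bar -->
 
@@ -96,6 +98,18 @@
 <wz-config-item label="Skip scan on CIFS/NFS mounts"
 value="currentConfig['syscheck-syscheck'].syscheck.skip_nfs">
 </wz-config-item>
+<wz-config-item
+label="Skip scan of /dev directory"
+value="currentConfig['syscheck-syscheck'].syscheck.skip_dev">
+</wz-config-item>
+<wz-config-item
+label="Skip scan of /sys directory"
+value="currentConfig['syscheck-syscheck'].syscheck.skip_sys">
+</wz-config-item>
+<wz-config-item
+label="Skip scan of /proc directory"
+value="currentConfig['syscheck-syscheck'].syscheck.skip_proc">
+</wz-config-item>
 <wz-config-item label="Remove old local snapshots"
 value="currentConfig['syscheck-syscheck'].syscheck.remove_old_diff || 'yes'">
 </wz-config-item>
@@ -108,6 +122,18 @@
 <wz-config-item label="Command to prevent prelinking"
 value="currentConfig['syscheck-syscheck'].syscheck.prefilter_cmd || '-'">
 </wz-config-item>
+<wz-config-item
+label="Maximum event reporting throughput"
+value="currentConfig['syscheck-syscheck'].syscheck.max_eps">
+</wz-config-item>
+<wz-config-item
+label="Process priority"
+value="currentConfig['syscheck-syscheck'].syscheck.process_priority">
+</wz-config-item>
+<wz-config-item
+label="Database type"
+value="currentConfig['syscheck-syscheck'].syscheck.database">
+</wz-config-item>
 
 </div>
 <!-- End configuration block -->
@@ -526,6 +552,54 @@
 </md-card>
 <!-- End auditkeys card -->
 
+
+<md-card class="wz-md-card" ng-if="!JSONContent && !XMLContent && configurationSubTab === 'fim-synchronization'">
+<md-card-content>
+<div layout="row" layout-align="start center">
+<div>
+<span class="font-size-16">Synchronization</span>
+<div class="wz-margin-top-10">
+<span class="md-subheader small">Database synchronization settings</span>
+</div>
+</div>
+<span flex></span>
+<span ng-class="JSONContent ? 'wz-text-active' : ''" class="wz-text-link small" ng-click="getJSON()">JSON</span>
+<span class="small">&nbsp;&centerdot;&nbsp;</span>
+<span ng-class="XMLContent ? 'wz-text-active' : ''" class="wz-text-link small" ng-click="getXML()">XML</span>
+</div>
+<md-divider class="wz-margin-top-10"></md-divider>
+
+<!-- Configuration block -->
+<div class="wz-padding-top-10">
+<wz-config-item
+label="Synchronization status"
+value="currentConfig['syscheck-syscheck'].syscheck.synchronization.enabled === 'yes' ? 'enabled' : 'disabled'">
+</wz-config-item>
+<wz-config-item
+label="Maximum interval (in seconds) between every sync"
+value="currentConfig['syscheck-syscheck'].syscheck.synchronization.max_interval">
+</wz-config-item>
+<wz-config-item
+label="Interval (in seconds) between every sync"
+value="currentConfig['syscheck-syscheck'].syscheck.synchronization.interval">
+</wz-config-item>
+<wz-config-item
+label="Response timeout (in seconds)"
+value="currentConfig['syscheck-syscheck'].syscheck.synchronization.response_timeout">
+</wz-config-item>
+<wz-config-item
+label="Queue size of the manager responses"
+value="currentConfig['syscheck-syscheck'].syscheck.synchronization.queue_size">
+</wz-config-item>
+<wz-config-item
+label="Maximum message throughput"
+value="currentConfig['syscheck-syscheck'].syscheck.synchronization.max_eps">
+</wz-config-item>
+</div>
+<!-- End configuration block -->
+</md-card-content>
+</md-card>
+
 <!-- JSON && XML card-->
 <wz-config-viewer flex getjson="getJSON()" getxml="getXML()" jsoncontent="JSONContent" xmlcontent="XMLContent" />
 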
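Review bot: The new "Synchronization status" item in the fim-synchronization card evaluates to `disabled` whenever `syscheck.synchronization` is missing from `currentConfig`, so a manager or agent that does not return that block (presumably anything older than 3.12) is displayed as having FIM synchronization switched off rather than as unknown. For a monitoring control that is a misleading state to show an operator; consider `value="currentConfig['syscheck-syscheck'].syscheck.synchronization ? (currentConfig['syscheck-syscheck'].syscheck.synchronization.enabled === 'yes' ? 'enabled' : 'disabled') : '-'"`. The other added items (`skip_dev`, `skip_sys`, `skip_proc`, `max_eps`, `process_priority`, `database` and the remaining synchronization fields) likewise omit the `|| '-'` fallback that the neighbouring `prefilter_cmd` item uses, so they may render empty. The new nav item also has no `ng-if` guard, unlike the Who-data tab directly above it; if the tab is only meaningful for some agents, gate it the same way.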

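--- a/SplunkAppForWazuh/appserver/static/js/directives/wz-register-agent/wz-register-agent.html
+++ b/SplunkAppForWazuh/appserver/static/js/directives/wz-register-agent/wz-register-agent.html
@@ -64,7 +64,7 @@
 Copy to clipboard
 </md-tooltip>
 </span>
-sudo WAZUH_MANAGER_IP='{{config.managerIp}}' yum install https://packages.wazuh.com/3.x/yum/wazuh-agent-{{wazuhVersion}}-1.x86_64.rpm
+sudo WAZUH_MANAGER='{{config.managerIp}}' yum install https://packages.wazuh.com/3.x/yum/wazuh-agent-{{wazuhVersion}}-1.x86_64.rpm
 </div>
 </div>
 <!-- If Debian / Ubuntu -->
@@ -76,7 +76,7 @@
 Copy to clipboard
 </md-tooltip>
 </span>
-curl -so wazuh-agent.deb https://packages.wazuh.com/3.x/apt/pool/main/w/wazuh-agent/wazuh-agent_{{wazuhVersion}}-1_amd64.deb && sudo WAZUH_MANAGER_IP='{{config.managerIp}}' dpkg -i ./wazuh-agent.deb
+curl -so wazuh-agent.deb https://packages.wazuh.com/3.x/apt/pool/main/w/wazuh-agent/wazuh-agent_{{wazuhVersion}}-1_amd64.deb && sudo WAZUH_MANAGER='{{config.managerIp}}' dpkg -i ./wazuh-agent.deb
 </div>
 </div>
 <!-- If Windows -->
@@ -106,7 +106,7 @@
 Copy to clipboard
 </md-tooltip>
 </span>
-curl -so wazuh-agent.pkg https://packages.wazuh.com/3.x/osx/wazuh-agent-{{wazuhVersion}}-1.pkg && sudo launchctl setenv WAZUH_MANAGER_IP '{{config.managerIp}}' && sudo installer -pkg ./wazuh-agent.pkg -target /
+curl -so wazuh-agent.pkg https://packages.wazuh.com/3.x/osx/wazuh-agent-{{wazuhVersion}}-1.pkg && sudo launchctl setenv WAZUH_MANAGER '{{config.managerIp}}' && sudo installer -pkg ./wazuh-agent.pkg -target /
 </div>
 </div>
 </div>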
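Review bot: All three changed install commands still place `{{config.managerIp}}` inside a single-quoted shell argument of a line the user copies and runs with `sudo`; Angular interpolation escapes the value for HTML, not for the shell, so a stored manager address containing a quote character would alter the pasted command. The directive's controller is outside this diff, so whether the value is validated cannot be seen here; if it is not, restrict it to hostname/IP characters before the snippet is rendered. Separately, the Debian and macOS lines download with `curl -so` (no `-f`) and hand the file to `dpkg -i` / `installer` with no checksum or signature check; adding `-f` and a verification step against a published hash would stop a failed or altered download before it is installed as root.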
-734 Bytes
Binary file not shown.

SplunkAppForWazuh/bin/fpdf/fonts.pyc

-20.8 KB
Binary file not shown.

SplunkAppForWazuh/bin/fpdf/fpdf.pyc

-61.7 KB
Binary file not shown.

SplunkAppForWazuh/bin/fpdf/html.pyc

-13.2 KB
Binary file not shown.

SplunkAppForWazuh/bin/fpdf/php.pyc

-2.36 KB
Binary file not shown.
