All notable changes to the Wazuh app project will be documented in this file.
- Fixed issue when logging out from Wazuh when SAML is enabled #4815
- Support for Wazuh 4.3.9
- Support for Wazuh 4.3.8
- Wazuh.yml review: fixed link to web documentation, improved in-file documentation and fixed some grammatical errors. #4378 #4399
- Fixed an error during the generation of a group's report, if the request to the Wazuh API fails #4350
- Fixed a problem with the group's report, when the group has no agents #4350
- Fixed path in logo customization section #4352
- Fixed a TypeError in Firefox. Change the Get request that was made with a Kibana core.http.get(/api/check-wazuh) resource to the WzRequest.genericReq resource and it no longer fails, also add a test capture to public/plugin.ts that wraps the request and in case of failure, the error is detected when the browser does not work with the V8 engine. #4362
- Fixed an error of an undefined username hash related to reporting when using Kibana with X-Pack and security was disabled #4358
- Fixed persistence of the plugin registry file between updates #4359
- Fixed searchbar error on SCA Inventory table #4367
- Fixed a routes loop when reinstalling Wazuh indexer #4373
- Removed the use of
manager_host
field related to agent information of Wazuh API responses, which is obsolete #4350
- Fixed the search bar component to properly distinguish conjuntion operators (AND, OR) #4326
- Fixed documentation link titles to match the documentation sections to redirect to #4301
- Fixed missing documentation references to the Agent's overview, Agent's Integrity monitoring, and Agent's Inventory data sections, when the agent has never connected. #4301
- The references to the documentation site now links to the appropriate version #4301
- Fixed missing documentation link in the Docker Listener module #4301
- Fixed broken links to the documentation site #4301
- Fix Rules, Decoders and CDB lists uploaders to show errors appropriately #4307
- Sanitize report's inputs and usernames #4330
- Added to the interface API messages in the Ruleset test module #4244
- Added authorization prompt in Mitre > Intelligence #4261
- Added a more descriptive message when there is an error related to the user permissions when getting the list of index patterns in a route resolver #4280
- Changed the reference from Manager to Wazuh server in the guide to deploy a new agent #4239
- Removed the filtered tags because they were not supported by the API endpoint #4267
- Changed styles in visualizations. #4254
- Fixed type error when changing screen size in agents section #4233
- Removed a logged error that appeared when the
statistics
tasks tried to create an index with the same name, causing the second task to fail on the creation of the index because it already exists #4235 - Fixed a UI crash due to a query with syntax errors in
Modules/Security events
#4237 - Fixed an error when generating a module report after changing the selected agent #4240
- Fixed an unhandled error when a Wazuh API request failed in the dev tools #4266
- Fixed an error related to
API not available
when saving the manager configuration and restarting the manager fromManagement/Configuration/Edit configuration
on manager mode #4264 - Fixed a UI problem that required scrolling to see the logs in Management/Logs and Settings/Logs #4253
- Replaced the visualization of
Status
panel inAgents
#4166 - Replaced the visualization of policy in
Modules/Security configuration assessment/Inventory
#4166 - Consistency in the colors and labels used for the agent status #4166 #4199
- Replaced how the full and partial scan dates are displayed in the
Details
panel ofVulnerabilities/Inventory
#4169
- Fixed that the platform visualizations didn't use some definitions related to the UI on Kibana 7.10.2 #4166
- Fixed a toast message with a successful process appeared when removing an agent of a group in
Management/Groups
and the agent appears in the agent list after refreshing the table #4167 - Fixed import of an empty rule or decoder file #4176
- Fixed overwriting of rule and decoder imports #4180
- Fixed Wazuh Dashboard troubleshooting url #4150
- Support for Wazuh 4.3.2
Wazuh v4.2.7 - Kibana 7.10.2, 7.11.2, 7.12.1, 7.13.0, 7.13.1, 7.13.2, 7.13.3, 7.13.4, 7.14.0, 7.14.1, 7.14.2 - Revision 4208
- Support for Wazuh 4.2.7
- Added PowerShell version warning to Windows agent installation wizard #4142
- A new workflow is added to perform backports to specific branches #4149
- Fixed the falsy values are displayed as not defined and enhanced the output of
Ruleset Test
#4141
- Support for Kibana 7.16.x
- Support for Kibana 7.17.x
- Added GitHub and Office365 modules #3557
- Added a new
Panel
module tab for GitHub and Office365 modules #3541 #3945 #3952 - Added ability to filter the results fo the
Network Ports
table in theInventory data
section #3639 - Added new endpoint service to collect the frontend logs into a file #3324
- Improved the frontend handle errors strategy: UI, Toasts, console log and log in file
#3327
#3321
#3367
#3373
#3374
#3390
#3410 #3408 #3429 #3427 #3417 #3462 #3451 #3442 #3480 #3472 #3434 #3392 #3404 #3432 #3415 #3469 #3448 #3465 #3464 #3478 #4116 - Added Intelligence tab to Mitre Att&ck module #3368 #3344 #3726
- Added sample data for office365 events #3424
- Created a separate component to check for sample data #3475
- Added a new hook for getting value suggestions #3506
- Added dinamic simple filters and adding simple GitHub filters fields 3531
- Added configuration viewer for Module Office365 on Management > Configuration #3524
- Added base Module Panel view with Office365 setup #3518
- Added specifics and custom filters for Office365 search bar #3533
- Adding Pagination and filter to drilldown tables at Office pannel #3544.
- Simple filters change between panel and drilldown panel #3568.
- Added new fields in Inventory table and Flyout Details #3525
- Added columns selector in agents table #3691
- Added a new workflow for create wazuh packages #3742
- Run
template
andfields
checks in the health check depends on the app configuration #3783 - Added a toast message when there is an error creating a new group #3804
- Added a step to start the agent to the deploy new Windowns agent guide #3846
- Added 3 new panels to
Vulnerabilities/Inventory
#3893 - Added new fields of
Vulnerabilities
to the details flyout #3893 #3908 - Added missing fields used in visualizations to the known fiels related to alerts #3924
- Added troubleshooting link to "index pattern was refreshed" toast #3946
- Added more number options to the tables widget in Modules -> "Mitre" #4041
- Management -> groups -> agent: Selectors appear when there are more than 3 options #4126
- Changed ossec to wazuh in sample-data #3121
- Changed empty fields in FIM tables and
syscheck.value_name
in discovery now show an empty tag for visual clarity #3279 - Adapted the Mitre tactics and techniques resources to use the API endpoints #3346
- Moved the filterManager subscription to the hook useFilterManager #3517
- Change filter from is to is one of in custom searchbar #3529
- Refactored as module tabs and buttons are rendered #3494
- Updated the deprecated and added new references authd #3663 #3806
- Added time subscription to Discover component #3549
- Refactored as module tabs and buttons are rendered #3494
- Testing logs using the Ruletest Test don't display the rule information if not matching a rule. #3446
- Changed format permissions in FIM inventory #3649
- Changed of request for one that does not return data that is not necessary to optimize times. #3686 #3728
- Rebranding. Replaced the brand logos, set module icons with brand colors #3788
- Changed user for sample data management #3795
- Changed agent install codeblock copy button and powershell terminal warning #3792
- Refactored as the plugin platform name and references is managed #3811
- Removed
Dashboard
tab for theVulnerabilities
modules #3893 - Display all fields in the
Table
tab when expading an alert row in the alerts tables of flyouts and theModules/Security Events/Dashboard
table #3908 - Refactored the table in
Vulnerabilities/Inventory
#3196 - Changed Google Groups app icons #3949
- Removed sorting for
Agents
orConfiguration checksum
column in the table ofManagement/Groups
due to this is not supported by the API #3857 - Changed messages in the agent installation guide #4040
- Changed the default
wazuh.statistics.shards
setting from2
to1
#4055 - Removed the migration tasks in the
.wazuh
and.wazuh-version
indices #4098 - Separated the actions of viewing and editing the
agent.conf
group file #4114
- Fixed creation of log files #3384
- Fixed double fetching alerts count when pinnin/unpinning the agent in Mitre Att&ck/Framework #3484
- Query config refactor #3490
- Fixed rules and decoders test flyout clickout event #3412
- Notify when you are registering an agent without permissions #3430
- Remove not used
redirectRule
query param when clicking the row table on CDB Lists/Decoders #3438 - Fixed the code overflows over the line numbers in the API Console editor #3439
- Don't open the main menu when changing the seleted API or index pattern #3440
- Fix error message in conf managment #3443
- Fix size api selector when name is too long #3445
- Fixed error when edit a rule or decoder #3456
- Fixed index pattern selector doesn't display the ignored index patterns #3458
- Fixed error in /Management/Configuration when cluster is disabled #3553
- Fix the pinned filters were removed when accessing to the
Panel
tab of a module #3565 - Fixed multi-select component searcher handler #3645
- Fixed order logs properly in Management/Logs #3609
- Fixed the Wazuh API requests to
GET //
#3661 - Fixed missing mitre tactics #3675
- Fix CDB list view not working with IPv6 #3488
- Fixed the bad requests using Console tool to
PUT /active-response
API endpoint #3466 - Fixed group agent management table does not update on error #3605
- Fixed not showing packages details in agent inventory for a freeBSD agent SO #3651
- Fixed wazuh token deleted twice #3652
- Fixed handler of error on dev-tools #3687
- Fixed compatibility wazuh 4.3 - kibana 7.13.4 #3685
- Fixed registry values without agent pinned in FIM>Events #3689
- Fixed breadcrumbs style compatibility for Kibana 7.14.2 #3688
- Fixed security alerts table when filters change #3682
- Fixed error that shows we're using X-Pack when we have Basic #3692
- Fixed blank screen in Kibana 7.10.2 #3700
- Fixed related decoder link undefined parameters error #3704
- Fixing Flyouts in Kibana 7.14.2 #3708
- Fixing the bug of index patterns in health-check due to bad copy of a PR #3707
- Fixed styles and behaviour of button filter in the flyout of
Inventory
section forIntegrity monitoring
andVulnerabilities
modules #3733 - Fixed height of
Evolution
card in theAgents
section when has no data for the selected time range #3733 - Fix clearing the query filter doesn't update the data in Office 365 and GitHub Panel tab #3722
- Fix wrong deamons in filter list #3710
- Fixing bug when create filename with spaces and throws a bad error #3724
- Fixing bug in security User flyout nonexistant unsubmitted changes warning #3731
- Fixing redirect to new tab when click in a link #3732
- Fixed missing settings in
Management/Configuration/Global configuration/Global/Main settings
#3737 - Fixed
Maximum call stack size exceeded
error exporting key-value pairs of a CDB List #3738 - Fixed regex lookahead and lookbehind for safari #3741
- Fixed Vulnerabilities Inventory flyout details filters #3744
- Removed api selector toggle from settings menu since it performed no useful function #3604
- Fixed the requests get #3661
- Fixed Dashboard PDF report error when switching pinned agent state #3748
- Fixed the rendering of the command to deploy new Windows agent not working in some Kibana versions #3753
- Fixed action buttons overlaying to the request text in Tools/API Console #3772
- Fix
Rule ID
value in reporting tables related to top results #3774 - Fixed github/office365 multi-select filters suggested values #3787
- Fix updating the aggregation data of Panel section when changing the time filter #3790
- Removed the button to remove an agent for a group in the agents' table when it is the default group #3804
- Fixed internal user no longer needs permission to make x-pack detection request #3831
- Fixed agents details card style #3845 #3860
- Fixed search bar query sanitizing in PDF report #3861
- Fixed routing redirection in events documents discover links #3866
- Fixed health-check #3868
- Fixed refreshing agents evolution visualization #3894
- Fixed an error when generating PDF reports due to Wazuh API token expiration #3881
- Fixed the table of Vulnerabilities/Inventory doesn't reload when changing the selected agent #3901
- Fixed backslash breaking exported JSON result #3909
- Fixed the Events view multiple "The index pattern was refreshed successfully" toast #3937
- Fixed a rendering problem in the map visualizations #3942
- Parse error when using
#
character not at the beginning of the line #3877 - Fixed the
rule.mitre.id
cell enhancement that doesn't support values with sub techniques #3944 - Fixed error not working the alerts displayed when changing the selected time in some flyouts #3947 #4115
- Fixed the user can not logout when the Kibana server has a basepath configurated #3957
- Fixed fatal cron-job error when Wazuh API is down #3991
- Fixed circular re-directions when API errors are handled #4079
- Fixed agent breadcrumb routing minor error #4101
- Fixed selected text not visible in API Console #4102
- Fixed the 'missing parameters' error on the Manager Logs #4110
- Fixed undefined input reference when switching between rule set view and rule files view #4125
- Fixed not found FIM file toast error #4124 #4124
- Fixed "See full error" on error toast #4119
- Fixed not being able to remove custom filters. #4112
- Fixed spinner not showing when export button is clicked in management views #4120
- Correction of field and value in the section: last registered agent #4127
- Fixed the download agent installer command [#4132] (wazuh#4132)
Wazuh v4.2.6 - Kibana 7.10.2, 7.11.2, 7.12.1, 7.13.0, 7.13.1, 7.13.2, 7.13.3, 7.13.4, 7.14.0, 7.14.1, 7.14.2 - Revision 4207
- Support for Kibana 7.13.4
- Support for Kibana 7.14.2
- Hide the
telemetry
banner #3709
- Fixed compatibility Wazuh 4.2 - Kibana 7.13.4 #3653
- Fixed interative register windows agent screen error #3654
- Fixed breadcrumbs style compatibility for Kibana 7.14.2 #3668
- Fixed Wazuh token is not removed after logout in Kibana 7.13 #3670
- Fixed Group Configuration and Management configuration error after trying to going back after you save #3672
- Fixing EuiPanels in Overview Sections and disabled text in WzMenu #3674
- Fixing double flyout clicking in a policy #3676
- Fixed error conflict setting kibana settings from the health check #3678
- Fixed compatibility to get the valid index patterns and refresh fields for Kibana 7.10.2-7.13.4 3681
- Fixed wrong redirect after login 3701
- Fixed error getting the index pattern data when there is not
attributes.fields
in the saved object 3689
- Support for Wazuh 4.2.4
- Fixed a bug where the user's auth token was not deprecated on logout #3638
- Support for Wazuh 4.2.3
- Wazuh help links in the Kibana help menu #3170
- Redirect to group details using the
group
query param in the URL #3184 - Configuration to disable Wazuh App access from X-Pack/ODFE role #3222 #3292
- Added confirmation message when closing a form #3221
- Improvement to hide navbar Wazuh label. #3240
- Add modal creating new rule/decoder #3274
- New functionality to change app logos #3503
- Added link to the upgrade guide when the Wazuh API version and the Wazuh App version mismatch #3592
- Removed module titles #3160
- Changed default
wazuh.monitoring.creation
app setting fromd
tow
#3174 - Changed default
wazuh.monitoring.shards
app setting from2
to1
#3174 - Removed Sha1 field from registry key detail #3189
- Removed tooltip in last breadcrumb in header breadcrumb 3250
- Refactored the Health check component #3197
- Added version in package downloaded name in agent deploy command #3210
- Removed restriction to allow only current active agents from vulnerability inventory #3243
- Move API selector and Index Pattern Selector to the header bar #3175
- Health check actions notifications refactored and added debug mode #3258
- Improved visualizations object configuration readability #3355
- Changed the way kibana-vis hides the visualization while loading, this should prevent errors caused by having a 0 height visualization #3349
- Fixed screen flickers in Cluster visualization #3159
- Fixed the broken links when using
server.basePath
Kibana setting #3161 - Fixed filter in reports #3173
- Fixed typo error in Settings/Configuration #3234
- Fixed fields overlap in the agent summary screen #3217
- Fixed Ruleset Test, each request is made in a different session instead of all in the same session #3257
- Fixed the
Visualize
button is not displaying when expanding a field in the Events sidebar #3237 - Fix modules are missing in the agent menu #3244
- Fix improving and removing WUI error logs #3260
- Fix some errors of PDF reports #3272
- Fix TypeError when selecting macOS agent deployment in a Safari Browser #3289
- Fix error in how the SCA check's checks are displayed #3297
- Fixed message of error when add sample data fails #3241
- Fixed modules are missing in the agent menu #3244
- Fixed Alerts Summary of modules for reports #3303
- Fixed dark mode visualization background in pdf reports #3315
- Adapt Kibana integrations to Kibana 7.11 and 7.12 #3309
- Fixed error agent view does not render correctly #3306
- Fixed miscalculation in table column width in PDF reports #3326
- Normalized visData table property for 7.12 retro-compatibility #3323
- Fixed error that caused the labels in certain visualizations to overlap #3355
- Fixed export to csv button in dashboards tables #3358
- Fixed Elastic UI breaking changes in 7.12 #3345
- Fixed Wazuh main menu and breadcrumb render issues #3347
- Fixed generation of huge logs from backend errors #3397
- Fixed vulnerabilities flyout not showing alerts if the vulnerability had a field missing #3593
- Support for Wazuh 4.2.1
- Added
Ruleset Test
section under Tools menu, and on Edit Rules/Decoders as a tool. #1434 - Added page size options in Security events, explore agents table #2925
- Added a reminder to restart cluster or manager after import a file in Rules, Decoders or CDB Lists #3051
- Added Agent Stats section #3056
- Added
logtest
PUT example on API Console #3061 - Added vulnerabilities inventory that affect to an agent #3069
- Added retry button to check api again in health check #3109
- Added
wazuh-statistics
template and a new mapping for these indices #3111 - Added link to documentation "Checking connection with Manager" in deploy new agent #3126
- Fixed Agent Evolution graph showing agents from multiple APIs #3256
- Added Disabled index pattern checks in Health Check #3311
- Moved Dev Tools inside of Tools menu as Api Console. #1434
- Changed position of Top users on Integrity Monitoring Top 5 user. #2892
- Changed user allow_run_as way of editing. #3080
- Rename some ossec references to Wazuh #3046
- Filter only authorized agents in Agents stats and Visualizations #3088
- Fixed missing
pending
status suggestion for agents #3095 - Index pattern setting not used for choosing from existing patterns #3097
- Fixed space character missing on deployment command if UDP is configured #3108
- Fixed statistics visualizations when a node is selected #3110
- Fixed Flyout date filter also changes main date filter #3114
- Fixed name for "TCP sessions" visualization and average metric is now a sum #3118
- Filter only authorized agents in Events and Security Alerts table #3120
- Fixed Last keep alive label is outside the panel #3122
- Fixed app redirect to Settings section after the health check #3128
- Fixed the plugin logo path in Kibana menu when use
server.basePath
setting #3144 - Fixed deprecated endpoint for create agent groups 3152
- Fixed check for TCP protocol in deploy new agent #3163
- Fixed RBAC issue with agent group permissions #3181
- Fixed change index pattern from menu doesn't work #3187
- Conflict with the creation of the index pattern when performing the Health Check #3232
- Added Disabled index pattern checks in Health Check #3311
- Fixed windows update section in Linux Inventory PDF #3569
- Improving and removing unnecessary error logs #3574
- Unable to change selected index pattern from the Wazuh menu #3330
- Support for Kibana 7.11.2
- Added a warning message for the
Install and enroll the agent
step ofDeploy new agent
guide #3238
- Conflict with the creation of the index pattern when performing the Health Check #3223
- Fixing mac os agents add command #3207
- Adapt for Wazuh 4.1.5
- Adapt for Wazuh 4.1.4
- Creation of index pattern after the default one is changes in Settings #2985
- Added node name of agent list and detail #3039
- Added loading view while the user is logging to prevent permissions prompts #3041
- Added custom message for each possible run_as setup #3048
- Change all dates labels to Kibana formatting time zone #3047
- Improve toast message when selecting a default API #3049
- Improve validation and prevention for caching bundles on the client-side #3063 #3091
- Fixed unexpected behavior in Roles mapping #3028
- Fixed rule filter is no applied when you click on a rule id in another module.#3057
- Fixed bug changing master node configuration #3062
- Fixed wrong variable declaration for macOS agents #3066
- Fixed some errors in the Events table, action buttons style, and URLs disappeared #3086
- Fixed Rollback of invalid rule configuration file #3084
- Add
run_as
setting to example host configuration in Add new API view #3021 - Refactor of some prompts #3015
- Fix SCA policy detail showing name and check results about another policy #3007
- Fixed that alerts table is empty when switching pinned agents #3008
- Creating a role mapping before the existing ones are loaded, the page bursts #3013
- Fix pagination in SCA checks table when expand some row #3018
- Fix manager is shown in suggestions in Agents section #3025
- Fix disabled loading on inventory when request fail #3026
- Fix restarting selected cluster instead of all of them #3032
- Fix pinned agents don't trigger a new filtered query #3035
- Overlay Wazuh menu when Kibana menu is opened or docked #3038
- Fix visualizations in PDF Reports with Dark mode #2983
- Prompt to show the unsupported module for the selected agent #2959
- Added a X-Frame-Options header to the backend responses #2977
- Added toast with refresh button when new fields are loaded #2974
- Migrated manager and cluster files endpoints and their corresponding RBAC #2984
- Fix login error when AWS Elasticsearch and ODFE is used #2710
- An error message is displayed when changing a group's configuration although the user has the right permissions #2955
- Fix Security events table is empty when switching the pinned agents #2956
- Fix disabled switch visual edit button when json content is empty #2957
- Fixed main and
More
menus for unsupported agents #2959 - Fixed forcing a non numeric filter value in a number type field #2961
- Fixed wrong number of alerts in Security Events #2964
- Fixed search with strange characters of agent in Management groups #2970
- Fix the statusCode error message #2971
- Fix the SCA policy stats didn't refresh #2973
- Fixed loading of AWS index fields even when no AWS alerts were found #2974
- Fix some date fields format in FIM and SCA modules #2975
- Fix a non-stop error in Manage agents when the user has no permissions #2976
- Can't edit empty rules and decoders files that already exist in the manager #2978
- Support for alerts index pattern with different ID and name #2979
- Fix the unpin agent in the selection modal #2980
- Fix properly logout of Wazuh API when logging out of the application (only for OpenDistro) #2789
- Fixed missing
&&
from macOS agent deployment command #2989 - Fix prompt permissions on Framework of Mitre and Inventory of Integrity monitoring. #2967
- Fix properly logout of Wazuh API when logging out of the application support x-pack #2789
- Check the max buckets by default in healthcheck and increase them #2901
- Added a prompt wraning in role mapping if run_as is false or he is not allowed to use it by API #2876
- Support new fields of Windows Registry at FIM inventory panel #2679
- Added on FIM Inventory Windows Registry registry_key and registry_value items from syscheck #2908
- Uncheck agents after an action in agents groups management #2907
- Unsave rule files when edit or create a rule with invalid content #2944
- Added vulnerabilities module for macos agents #2969
- Fix server error Invalid token specified: Cannot read property 'replace' of undefined #2899
- Fix show empty files rules and decoders: #2923
- Fixed wrong hover texts in CDB lists actions #2929
- Fixed access to forbidden agents information when exporting agents listt 2918
- Fix the decoder detail view is not displayed #2888
- Fix the complex search using the Wazuh API query filter in search bars #2930
- Fixed validation to check userPermissions are not ready yet #2931
- Fixed clear visualizations manager list when switching tabs. Fixes PDF reports filters #2932
- Fix Strange box shadow in Export popup panel in Managment > Groups #2886
- Fixed wrong command on alert when data folder does not exist #2938
- Fix agents table OS field sorting: Changes agents table field
os_name
toos.name,os.version
to make it sortable. #2939 - Fixed diff parsed datetime between agent detail and agents table #2940
- Allow access to Agents section with agent:group action permission #2933
- Fixed filters does not work on modals with search bar #2935
- Fix wrong package name in deploy new agent #2942
- Fixed number agents not show on pie onMouseEvent #2890
- Fixed off Kibana Query Language in search bar of Controls/Inventory modules. #2945
- Fixed number of agents do not show on the pie chart tooltip in agents preview #2890
- Adapt the app to the new Kibana platform #2475
- Wazuh data directory moved from
optimize
todata
Kibana directory #2591 - Show the wui_rules belong to wazuh-wui API user #2702
- Fixed Wazuh menu and agent menu for Solaris agents #2773 #2725
- Fixed wrong shards and replicas for statistics indices and also fixed wrong prefix for monitoring indices #2732
- Report's creation dates set to 1970-01-01T00:00:00.000Z #2772
- Fixed bug for missing commands in ubuntu/debian and centos #2786
- Fixed bug that show an hour before in /security-events/dashboard #2785
- Fixed permissions to access agents #2838
- Fix searching in groups #2825
- Fix the pagination in SCA ckecks table #2815
- Fix the SCA table with a wrong behaviour using the refresh button #2854
- Fix sca permissions for agents views and dashboards #2862
- Solaris should not show vulnerabilities module #2829
- Fix the settings of statistics indices creation #2858
- Update agents' info in Management Status after changing cluster node selected #2828
- Fix error when applying filter in rules from events #2877
- Replaced
wazuh
Wazuh API user bywazuh-wui
in the default configuration #2852 - Add agent id to the reports name in Agent Inventory and Modules #2817
- Fixed filter pinned crash returning from agents #2864
- Fixed style in sca and regulatory compliance tables and in wz menu #2861
- Fix body-payload of Sample Alerts POST endpoint #2857
- Fixed bug in the table on Agents->Table-> Actions->Config icon #2853
- Fixed tooltip in the icon of view decoder file #2850
- Fixed bug with agent filter when it is pinned #2846
- Fix discovery navigation #2845
- Search file editor gone #2843
- Fix Agent Search Bar - Regex Query Interpreter #2834
- Fixed accordion style breaking #2833
- Fix metrics are not updated after a bad request in search input #2830
- Fix mitre framework tab crash #2821
- Changed ping request to default request. Added delay and while to che… #2820
- Removed kibana alert for security #2806
- Modified agent registration adding groups and architecture #2666 #2652
- Each user can only view their own reports #2686
- Create index pattern even if there aren´t available indices #2620
- Top bar overlayed over expanded visualizations #2667
- Empty inventory data in Solaris agents #2680
- Wrong parameters in the dev-tools autocomplete section #2675
- Wrong permissions on edit CDB list #2665
- fix(frontend): add the metafields when refreshing the index pattern #2681
- Error toast is showing about Elasticsearch users for environments without security #2713
- Error about Handler.error in Role Mapping fixed #2702
- Fixed message in reserved users actions #2702
- Error 500 on Export formatted CDB list #2692
- Wui rules label should have only one tooltip #2723
- Move upper the Wazuh item in the Kibana menu and default index pattern #2867
- Support for Wazuh v4.0.4
- Improved management of index-pattern fields #2630
- fix(fronted): fixed the check of API and APP version in health check #2655
- Replace user by username key in the monitoring logic #2654
- Security alerts and reporting issues when using private tenants #2639
- Manager restart in rule editor does not work with Wazuh cluster enabled #2640
- fix(frontend): Empty inventory data in Solaris agents #2680
- Support for Wazuh v4.0.3.
- Sample data indices name should take index pattern in use #2593
- Added start option to macos Agents #2653
- Statistics settings do not allow to configure primary shards and replicas #2627
- Support for Wazuh v4.0.2.
- The index pattern title is overwritten with its id after refreshing its fields #2577
- [RBAC] Issues detected when using RBAC #2579
- Alerts summary table for PDF reports on all modules #2632
- [4.0-7.9] Run as with no wazuh-wui API user #2576
- Deploy a new agent interface as default interface #2564
- Problem in the visualization of new reserved resources of the Wazuh API #2643
- Restore the tables in the agents' reports #2628
- [RBAC] Issues detected when using RBAC #2579
- Changes done via a worker's API are overwritten #2626
- [BUGFIX] Default user field for current platform #2633
- Hide empty columns of the processes table of the MacOS agents #2570
- Missing step in "Deploy a new agent" view #2623
- Implement wazuh users' CRUD #2598
- Inconsistent data in sample data alerts #2618
- Icons not align to the right in Modules > Events #2607
- Statistics visualizations do not show data #2602
- Error on loading css files #2599
- Fixed search filter in search bar in Module/SCA wasn't working #2601
- Undefined field in event view #2588
- Several calls to the same stats request (esAlerts) #2586
- The filter options popup doesn't open on click once the filter is pinned #2581
- The formatedFields are missing from the index-pattern of wazuh-alerts-* #2574
- Support for Kibana v7.9.3
- Support for Wazuh v4.0.0.
- Support for Kibana v7.9.1 and 7.9.2.
- Support for Open Distro 1.10.1.
- Added a RBAC security layer integrated with Open Distro and X-Pack.
- Added remoted and analysisd statistics.
- Expand supported deployment variables.
- Added new configuration view settings for GCP integration.
- Added logic to change the
metafields
configuration of Kibana #2524
- Migrated the default index-pattern to
wazuh-alerts-*
. - Removed the
known-fields
functionality. - Security Events dashboard redesinged.
- Redesigned the app settings configuration with categories.
- Moved the wazuh-registry file to Kibana optimize folder.
- Format options in
wazuh-alerts
index-pattern are not overwritten now. - Prevent blank page in detaill agent view.
- Navigable agents name in Events.
- Index pattern is not being refreshed.
- Reporting fails when agent is pinned and compliance controls are visited.
- Reload rule detail doesn't work properly with the related rules.
- Fix search bar filter in Manage agent of group #2541
- Support for Wazuh v3.13.6
- Sanitize report's inputs and usernames #4336
- Support for Wazuh v3.13.2
- Support for Wazuh v3.13.2
- Support for Kibana v7.9.1
- Support for Kibana v7.9.0
- Support for Kibana v7.8.1
- Support for Wazuh v3.13.1
- Support for Kibana v7.8.0
- Support for Wazuh v3.13.0
- Support for Kibana v7.7.1
- Support for Open Distro 1.8
- New navigation experience with a global menu #1965
- Added a Breadcrumb in Kibana top nav #2161
- Added a new Agents Summary Screen #1963
- Added a new feature to add sample data to dashboards #2115
- Added MITRE integration #1877
- Added Google Cloud Platform integration #1873
- Added TSC integration #2204
- Added a new Integrity monitoring state view for agent #2153
- Added a new Integrity monitoring files detail view #2156
- Added a new component to explore Compliance requirements #2156
- Code migration to React.js
- Global review of styles
- Unified Overview and Agent dashboards into new Modules #2110
- Changed Vulnerabilities dashboard visualizations #2262
- Open Distro tenants have been fixed and are functional now #1890.
- Improved navigation performance #2200.
- Avoid creating the wazuh-monitoring index pattern if it is disabled #2100
- SCA checks without compliance field can't be expanded #2264
- Support for Kibana v7.7.1
- Support for Kibana v7.7.0
- Support for Wazuh v3.12.3
- Support for Wazuh v3.12.2
- Support Wazuh 3.12.1
- Added new FIM settings on configuration on demand. #2147
- Updated agent's variable names in deployment guides. #2169
- Pagination is now shown in table-type visualizations. #2180
- Support for Kibana v6.8.8 and v7.6.2
- Support for Wazuh v3.12.0
- Added a new setting to hide manager alerts from dashboards. #2102
- Added a new setting to be able to change API from the top menu. #2143
- Added a new setting to enable/disable the known fields health check #2037
- Added suport for PCI 11.2.1 and 11.2.3 rules. #2062
- Restructuring of the optimize/wazuh directory. Now the Wazuh configuration file (wazuh.yml) is placed on /usr/share/kibana/optimize/wazuh/config. #2116
- Improve performance of Dasboards reports generation. 1802344
- Discover time range selector is now displayed on the Cluster section. 08901df
- Added the win_auth_failure rule group to Authentication failure metrics. #2099
- Negative values in Syscheck attributes now have their correct value in reports. 7c3e84e
- Support for Kibana v7.6.1
- Support for Wazuh v3.11.4
- Support for Kibana v7.6.0
- Support for Kibana v7.4.2
- Support for Wazuh v3.11.3
- Windows Updates table is now displayed in the Inventory Data report #2028
- Support for Kibana v7.5.2
- Support for Wazuh v3.11.2
- Increased list filesize limit for the CDB-list #1993
- The xml validator now correctly handles the
--
string within comments #1980 - The AWS map visualization wasn't been loaded until the user interacts with it dd31bd7
- Support for Wazuh v3.11.1.
- Support for Wazuh v3.11.0.
- Support for Kibana v7.5.1.
- The API credentials configuration has been moved from the .wazuh index to a wazuh.yml configuration file. Now the configuration of the API hosts is done from the file and not from the application. #1465 #1771.
- Upload ruleset files using a "drag and drop" component #1770
- Add logs for the reporting module #1622.
- Extended the "Add new agent" guide #1767.
- Add new table for windows hotfixes #1932
- Removed Discover from top menu #1699.
- Hide index pattern selector in case that only one exists #1799.
- Remove visualizations legend #1936
- Normalize the field whodata in the group reporting #1921
- A message in the configuration view is ambiguous #1870
- Refactor syscheck table #1941
- Empty files now throws an error #1806.
- Arguments for wazuh api requests are now validated #1815.
- Fixed the way to check admin mode #1838.
- Fixed error exporting as CSV the files into a group #1833.
- Fixed XML validator false error for
<
1882 - Fixed "New file" editor doesn't allow saving twice #1896
- Fixed decoders files #1929
- Fixed registration guide #1926
- Fixed infinite load on Ciscat views #1920, #1916
- Fixed missing fields in the Visualizations #1913
- Fixed Amazon S3 status is wrong in configuration section #1864
- Fixed hidden overflow in the fim configuration #1887
- Fixed Logo source fail after adding server.basePath #1871
- Fixed the documentation broken links #1853
- Support for Kibana v7.5.1
- Support for Kibana v7.5.0
- Support for Kibana v7.4.2
- Support for Kibana v7.4.1
- Support for Kibana v7.4.0
- Support for Wazuh v3.10.2.
- Support for Wazuh v3.10.2.
- Support for Wazuh v3.10.1.
- Support for Wazuh v3.10.0.
- Added an interactive guide for registering agents, things are now easier for the user, guiding it through the steps needed ending in a copy & paste snippet for deploying his agent #1468.
- Added new dashboards for the recently added regulatory compliance groups into the Wazuh core. They are HIPAA and NIST-800-53 #1468, #1638.
- Make the app work under a custom Kibana space #1234, #1450.
- Added the ability to manage the app as a native plugin when using Kibana spaces, now you can safely hide/show the app depending on the selected space #1601.
- Adapt the app the for Kibana dark mode #1562.
- Added an alerts summary in Overview > FIM panel #1527.
- Export all the information of a Wazuh group and its related agents in a PDF document #1341.
- Export the configuration of a certain agent as a PDF document. Supports granularity for exporting just certain sections of the configuration #1340.
- Reduced Agents preview load time using the new API endpoint
/summary/agents
#1687. - Replaced most of the md-nav-bar Angular.js components with React components using EUI #1705.
- Replaced the requirements slider component with a new styled component #1708.
- Soft deprecated the .wazuh-version internal index, now the app dumps its content if applicable to a registry file, then the app removes that index. Further versions will hard deprecate this index #1467.
- Visualizations now don't fetch the documents source, also, they now use size: 0 for fetching #1663.
- The app menu is now fixed on top of the view, it's not being hidden on every state change. Also, the Wazuh logo was placed in the top bar of Kibana UI #1502.
- Improved getTimestamp method not returning a promise object because it's no longer needed 014bc3a. Also improved main Discover listener for Wazuh not returning a promise object bd82823.
- Replaced Requirements over time visualizations in both PCI DSS and GDPR dashboards 35c539.
- Do not show a toaster when a visualization field was not known yet, instead, show it just in case the internal refreshing failed 19a2e7.
- Minor optimizations for server logging eb8e000.
- Alerts search bar fixed for Kibana v7.3.1, queries were not being applied as expected #1686.
- Hide attributes field from non-Windows agents in the FIM table #1710.
- Fixed broken view in Management > Configuration > Amazon S3 > Buckets, some information was missing #1675.
- Keep user's filters when switching from Discover to panel #1685.
- Reduce load time and amount of data to be fetched in Management > Cluster monitoring section avoiding possible timeouts #1663.
- Restored Remove column feature in Discover tabs #1702.
- Apps using Kibana v7.3.1 had a bug once the user goes back from Agent > FIM > Files to Agent > FIM > dashboard, filters disappear, now it's working properly #1700.
- Fixed visual bug in Management > Cluster monitoring and a button position 1e3b748.
- The app installation date was not being updated properly, now it's fixed #1692.
- Fixed Network interfaces table in Inventory section, the table was not paginating #1474.
- Fixed APIs passwords are now obfuscated in server responses adc3152.
- Support for Wazuh v3.9.5
Wazuh v3.9.4 - Kibana v6.8.1 / Kibana v6.8.2 / Kibana v7.2.0 / Kibana v7.2.1 / Kibana v7.3.0 - Revision 528
- Support for Wazuh v3.9.4
- Allow filtering by clicking a column in rules/decoders tables 0e2ddd7
- Allow open file in rules table clicking on the file column 1af929d
- Improved app performance #1640.
- Remove path filter from custom rules and decoders 895792e
- Show path column in rules and decoders 6f49816
- Removed SCA overview dashboard 94ebbff
- Disabled last custom column removal f1ef7de
- Agents messages across sections unification 8fd7e36
- Fix check storeded apis d6115d6.
- Fix pci-dss console error 297080d
- Fix error in reportingTable 85b7266
- Fix filters budgets size c7ac86a
- Fix missing permalink virustotal visualization 1b57529
- Improved wz-table performance 224bd6f
- Fix inconsistent data between visualizations and tables in Overview Security Events b12c600
- Timezone applied in cluster status a4f620d
- Fixed Overview Security Events report when wazuh.monitoring is disabled 1c26da0
- Fixes in APIs management 2143943
- Prevent duplicated visualization toast errors 786faf3
- Fix not properly updated breadcrumb in ruleset section 9645903
- Fix badly dimensioned table in Integrity Monitoring section 9645903
- Fix implicit filters can be destroyed 9cf8578
- Windows agent dashboard doesn't show failure logon access. d38d088
- Number of agents is not properly updated. f7cbbe5
- Missing scrollbar on Firefox file viewer. df4e8f9
- Agent search filter by name, lost when refreshing. 71b5274
- Alerts of level 12 cannot be displayed in the Summary table. ec0e888
- Restored query from search bar in visualizations. 439128f
- Fix Kibana filters loop in Firefox. 82f0f32
- Support for Wazuh v3.9.3
- Support for Kibana v7.2.0 #1556.
- New design and several UI/UX changes #1525.
- Improved error checking + syscollector performance 94d0a83.
- Adapt Syscollector for MacOS agents a4bf7ef.
- Show last scan for syscollector 73f2056.
- Extendend information for syscollector #1585.
- Corrected width for agent stats a998955.
- Fix height for the menu directive with Dynamic height 427d0f3.
- Fix wazuh-db and clusterd check cddcef6.
- Fix AlertsStats when value is "0", it was showing "-" 07a3e10.
- Fix syscollector state value f8d3d0e.
- Fix time offset for reporting table 2ef500b.
- Fix call to obtain GDPR requirements for specific agent ccda846.
- Restore "rule.id" as a clickable field in visualizations #1546.
- Fix timepicker in cluster monitoring f7533ce.
- Fix several bugs #1569.
- Fully removed "rule.id" as URL field #1584.
- Fix filters for dashboards #1583.
- Fix missing dependency #1591.
- Support for Wazuh v3.9.2
- Avoid showing more than one toaster for the same error message 7937003.
- Restored "Alerts evolution - Top 5 agents" in Overview > Security events f9305c0.
- Fix missing parameters in Dev Tools request #1496.
- Fix "Invalid Date" for Safari and Internet Explorer #1505.
- Support for Kibana v7.1.1
- Added overall metrics for Agents > Overview #1479.
- Fixed missing dependency for Discover 43f5dd5.
- Fixed visualization for Agents > Overview #1477.
- Fixed SCA policy checks table #1478.
- Support for Kibana v7.1.0
- Support for Wazuh v3.9.1
- Support for Kibana v6.8.0
- Fixed background color for some parts of the Discover directive 2dfc763.
- Fixed cut values in non-resizable tables when the value is too large cc4828f.
- Fixed handled but not shown error messages from rule editor 0aa0e17.
- Minor typos corrected fe11fb6.
- Minor fixes in agents configuration 1bc2175.
- Fix Management > logs viewer scrolling f458b2e.
- Kibana version shown in settings is now read from our package.json c103d3e.
- Removed an old header from Settings 0197b8b.
- Improved index pattern validation fields, replaced "full_log" with "rule.id" as part of the minimum required fields dce0595.
- Improve dynamic height for configuration editor c318131.
- Add timezone for all dates shown in the app 4b8736f.
- Support for Wazuh v3.9.0
- Support for Kibana v6.7.0 / v6.7.1 / v6.7.2
- Edit master and worker configuration (#1215).
- Edit local rules, local decoders and CDB lists (#1212, #1204, #1196, #1233, #1304).
- View no local rules/decoders XML files (#1395)
- Dev Tools additions
- Added refresh button for agents preview table (#1169).
- Added
configuration assessment
information in "Agent > Policy monitoring" (#1227). - Added agents
configuration assessment
configuration section in "Agent > Configuration" (1257) - Restart master and worker nodes (#1222).
- Restart agents (#1229).
- Added support for more than one Wazuh monitoring pattern (#1243)
- Added customizable interval for Wazuh monitoring indices creation (#1243).
- Expand visualizations (#1246).
- Added a dynamic table columns selector (#1246).
- Added resizable columns by dragging in tables (d2bf8ee)
- Added a cron job for fetching missing fields of all valid index patterns, also merging dynamic fields every time an index pattern is refreshed by the app (#1276).
- Added auto-merging dynamic fields for Wazuh monitoring index patterns (#1300)
- New server module, it's a job queue so we can add delayed jobs to be run in background, this iteration only accepts delayed Wazuh API calls (#1283).
- Added new way to view logs using a logs viewer (#1292)
- Added new directive for registering agents from the UI, including instructions on "how to" (#1321).
- Added some Angular charts in Agents Preview and Agents SCA sections (#1364)
- Added Docker listener settings in configuration views (#1365)
- Added Docker dashboards for both Agents and Overview (#1367)
- Improved app logger with debug level (#1373)
- Introducing React components from the EUI framework
- Escape XML special characters (#1159).
- Changed empty results message for Wazuh tables (#1165).
- Allowing the same query multiple times on the Dev Tools (#1174)
- Refactor JSON/XML viewer for configuration tab (#1173, #1148).
- Using full height for all containers when possible (#1224).
- Improved the way we are handling "back button" events (#1207).
- Changed some visualizations for FIM, GDPR, PCI, Vulnerability and Security Events (#1206, #1235, #1293).
- New design for agent header view (#1186).
- Not fetching data the very first time the Dev Tools are opened (#1185).
- Refresh all known fields for all valid index patterns if
kbn-vis
detects a broken index pattern (ecd7c8f). - Truncate texts and display a tooltip when they don't fit in a table cell (7b56a87)
- Updated API autocomplete for Dev Tools (#1218)
- Updated switches design to adapt it to Kibana's design (#1253)
- Reduced the width of some table cells with little text, to give more space to the other columns (#1263).
- Redesign for Management > Status daemons list (#1284).
- Redesign for Management > Configuration, Agent > Configuration (#1289).
- Replaced Management > Logs table with a log viewer component (#1292).
- The agents list search bar now allows to switch between AND/OR operators (#1291).
- Improve audit dashboards (#1374)
- Exclude agent "000" getting the last registered and the most active agents from the Wazuh API.(#1391)
- Reviewed Osquery dashboards (#1394)
- Memory info is now a log (#1400)
- Error toasters time is now 30000ms, warning/info are still 6000ms (#1420)
- Properly handling long messages on notifier service, until now, they were using out of the card space, also we replaced some API messages with more meaningful messages (#1168).
- Adapted Wazuh icon for multiple browsers where it was gone (#1208).
- Do not fetch data from tables twice when resize window (#1303).
- Agent syncrhonization status is updated as we browse the configuration section (#1305)
- Using the browser timezone for reporting documents (#1311).
- Wrong behaviors in the routing system when the basePath was set (#1342)
- Do not show pagination for one-page tables (196c5b7)
- Being redirected to Overview once a Kibana restart is performed (#1378)
- Displaying the AWS services section of the aws-s3 wodle (#1393)
- Show email configuration on the configuration on demand (#1401)
- Show "Follow symbolic link" field in Integrity monitoring - Monitored configuration on demand (0c9c9da)
- Support for Kibana v6.6.0 / v6.6.1 / v6.6.2 / v6.7.0
- Fixed AWS dashboard, newer JavaScript browser engines break the view due to Angular.js (6e882fc).
- Fixed AWS accounts visualization, using the right field now (6e882fc).
- Support for Wazuh v3.8.2
- Close configuration editor only if it was successfully updated (bc77c35).
- Replaced FIM Vega visualization with standard visualization (554ee1c).
- Support for Wazuh v3.8.1
- Moved monitored/ignored Windows registry entries to "FIM > Monitored" and "FIM > Ignored" to avoid user confusion (#1176).
- Excluding managers from wazuh-monitoring indices (#1177).
- Escape
&
before sending group configuration (d3aa56f). - Improved
autoFormat
function before rendering group configuration (f4f8144). - Now the group configuration editor doesn't exit after sending data to the Wazuh API (5c1a3ef).
- Fixed style for the error toaster for long URLs or long paths (11b8084).
- Added group management features such as:
- New directive for tables that don't need external data sources (#1067).
- New search bar directive with interactive filters and suggestions (#1058).
- New server route
/elastic/alerts
for fetching alerts using custom parameters(#1056). - New table for an agent FIM monitored files, if the agent OS platform is Windows it will show two tables: files and registry (#1032).
- Added description to each setting under Settings > Configuration (#1048).
- Added a new setting to
config.yml
related to Wazuh monitoring and its index pattern (#1095). - Resizable columns by dragging in Dev-tools (#1102).
- New feature to be able to edit config.yml file from the Settings > Configuration section view (#1105).
- Added a new table (network addresses) for agent inventory tab (#1111).
- Added
audit_key
(Who-data Audit keys) for configuration tab (#1123). - Added new known fields for Kibana index pattern (#1150).
- Changed Inventory tables. Now the app looks for the OS platform and it shows different tables depending on the OS platform. In addition the process state codes has been replaced to be more meaningful (#1059).
- Tiny rework for the AWS tab including.
- "Report" button is hidden on Discover panel (#1047).
- Visualizations, filters and Discover improved (#1083).
- Removed
popularizeField
function until elastic/kibana#22426 is solved in order to avoidUnable to write index pattern!
error on Discover tab (#1085). - Improved Wazuh monitoring module (#1094).
- Added "Registered date" and "Last keep alive" in agents table allowing you to sort by these fields (#1102).
- Improved code quality in sections such as Ruleset > Rule and Decoder detail view simplify conditions (#1102).
- Replaced reporting success message (#1102).
- Reduced the default number of shards and the default number of replicas for the app indices (#1113).
- Refreshing index pattern known fields on health check controller (#1119).
- Less strict memory check (786c764).
- Checking message origin in error handler (dfec368).
- Dev tools is now showing the response as it is, like
curl
does (#1137). - Removed
unknown
as valid node name (#1149). - Removed
rule.id
direct filter from the rule set tables (#1151)
- Restored X-Pack security logic for the .wazuh index, now it's not bypassing the X-Pack roles (#1081)
- Avoid fetching twice the same data (#1072, #1061).
- Wazuh logo adapted to low resolutions (#1074).
- Hide Audit, OpenSCAP tabs for non-linux agents. Fixed empty Windows events under Configuration > Log collection section. OSQuery logo has been standardized (#1072, #1076).
- Fix empty values on Overview > Security events when Wazuh monitoring is disabled (#1091).
- Fix overlapped play button in Dev-tools when the input box has a scrollbar (#1102).
- Fix Dev-tools behavior when parse json invalid blocks (#1102).
- Fixed Management > Monitoring tab frustration adding back buttons (#1102).
- Fix template checking when using more than one pattern (#1104).
- Fix infinite loop for Wazuh monitoring when the Wazuh API is not being able to give us all the agents (5a26916), (85005a1).
- Fix rule details for
list
andinfo
parameters (#1149).
- Support for Elastic stack v6.5.2 / v6.5.3 / v6.5.4.
- Support for Wazuh v3.7.1 / v3.7.2.
- Dev Tools module now autocompletes API endpoints (#1030).
- Increased number of rows for syscollector tables (#1033).
- Modularized JSON/XML viewers for the configuration section (#982).
- Added missing fields for syscollector network tables (#1036).
- Using the right API path when downloading CSV for decoders list (#1045).
- Including group field when downloading CSV for agents list (#1044).
- Preserve active tab in configuration section when refreshing the page (#1037).
- Support for Elastic Stack v6.5.0 / v6.5.1.
- Agent groups bar is now visible on the agent configuration section (#1023).
- Added a new setting for the
config.yml
file for enable/disable administrator mode (#1019).- This allows the user to perform PUT, POST, DELETE methods in our Dev Tools.
- Refactored most front-end controllers (#1023).
- Support for Wazuh v3.7.0.
- Support for Elastic Stack v6.4.2 / v6.4.3.
- Brand-new interface for Configuration (on both Management and Agents tabs) (#914):
- Now you can check current and real agent and manager configuration.
- A new interface design, with more useful information and easy to understand descriptions.
- New and more responsive JSON/XML viewers to show the configuration in raw mode.
- Brand-new extension - Osquery (#938):
- A new extension, disabled by default.
- Check alerts from Wazuh's Osquery integration.
- Check your current Osquery wodle configuration.
- More improvements will come for this extension in the future.
- New option for Wazuh app configuration file - Ignore index patterns (#947):
- Now the user can specify which index patterns can't be selected on the app using the new
ip.ignore
setting on theconfig.yml
file. - The valid format is an array of strings which represents index patterns.
- By default, this list is empty (all index patterns will be available if they use a compatible structure).
- Now the user can specify which index patterns can't be selected on the app using the new
- Added a node selector for Management > Status section when Wazuh cluster is enabled (#976).
- Added quick access to Configuration or Discover panels for an agent on the agents list (#939).
- Now you can click on an agent's ID on the Discover panels to open its details page on the app (#904).
- Redesigned the Overview > Amazon AWS tab, using more meaningful visualizations for a better overall view of your agents' status (#903).
- Redesigned the Overview/Agents > Vulnerabilities tab, using more meaningful visualizations for a better overall view of your agents' status (#954).
- Now everytime the user enters the Settings tab, the API connection will be automatically checked (#971).
- Added a node selector for Management > Logs section when Wazuh cluster is enabled (#980).
- Added a group selector for Agents section (#995).
- Interface refactoring for the Agents > Inventory data tab (#924):
- Now the tab won't be available if your agent doesn't have Syscollector enabled, and each card will be enabled or disabled depending on the current Syscollector scans configuration.
- This will prevent situations where the user couldn't check the inventory although there was actual scan data to show on some sections.
- Added support for new multigroups feature (#911):
- Now the information bars on Agents will show all the groups an agent belongs to.
- Now the result pane on the Dev tools tab will show the error code coming from the Wazuh API (#909).
- Changed some visualizations titles for Overview/Agents > OpenSCAP tab (#925).
- All backend routes have been renamed (#932).
- Several improvements for Elasticsearch tests (#933).
- Updated some strings and descriptions on the Settings tab (#934).
- Changed the date format on Settings > Logs to make it more human-readable (#944).
- Changed some labels to remove the "MD5 sum" expression, it will use "Checksum" instead (#945).
- Added word wrapping class to group name in Management > Groups > Group detail tab (#945).
- The
wz-table
directive has been refactored (#953). - The
wz-table
directive now checks if a request is aborted (#979). - Several performance improvements (#985, #997, #1000).
- Several known fields for Whodata functionality have been fixed (#901).
- Fixed alignment bug with the Add a filter + button on Discover and Agents tabs (#912).
- Fixed a bug where the
Add API
form on Settings didn't appear when pressing the button after editing an existing API entry (#944). - Fixed a bug on Ruleset tab where the "Description" column was showing
0
if the rule doesn't have any description (#948). - Fixed wrong alignment on related Rules/Decoders tables from Management > Ruleset tab (#971).
- Fixed a bug where sometimes the error messages appeared duplicated (#971).
- On the Management > Monitoring tab, the
Cluster enabled but not running
message won't appear as an error anymore (#971).
- Support for Elastic Stack v6.4.1 / v6.4.2 / v6.4.3.
- Redesigned the Overview > Integrity monitoring tab, using more meaningful visualizations for a better overall view of your agents' status (#893).
- Added a new table for the Inventory tab: Processes (#895).
- Improved error handling for tables. Now the table will show an error message if it wasn't able to fetch and load data (#896).
- The app source code has been improved, following best practices and coding guidelines (#892).
- Included more app tests and prettifier for better code maintainability (#883 & #885).
- Fixed minor visual errors on some GDPR, PCI DSS and Vulnerabilities visualizations (#894).
- The Inventory tab has been redesigned (#873):
- Added new network interfaces and port tables.
- Improved design using metric information bars and intuitive status indicators.
- Added refresh functionality to the Settings > Logs tab (#852):
- Now everytime the user opens the tab, the logs will be reloaded.
- A new button to force the update has been added on the top left corner of the logs table.
- Added
tags
andrecursion_level
configuration options to Management/Agent > Configuration tabs (#850). - The Kuery search syntax has been added again to the app (#851).
- Added a first batch of Mocha tests and other quality of code improvements to the app (#859).
- Now you can open specific rule details (the Management > Ruleset tab) when clicking on the
rule.id
value on the Discover tab (#862). - Now you can click on the rule ID value on the Management > Ruleset tab to search for related alerts on the Discover tab (#863).
- The index pattern known fields have been updated up to 567 (#872).
- Now the Inventory tab will always be available for all agents, and a descriptive message will appear if the agent doesn't have
syscollector
enabled (#879).
- Fixed a bug where the Inventory tab was unavailable if the user reloads the page while on the Agents > Configuration tab (#845).
- Fixed some Overview > VirusTotal visualizations (#846).
- Fixed a bug where the Settings > Extensions tab wasn't being properly hidden when there's no API entries inserted (#847).
- Fixed a bug where the Current API indicator on the top navbar wasn't being properly updated when the user deletes all the API entries (#848).
- Fixed a bug where the Agents coverage metric were not displaying a proper value when the manager has 0 registered agents (#849).
- Fixed a bug where the
wazuh-basic
user role was able to update API entries (it should be forbidden) (#853). - Fixed a bug where the visualizations had scroll bars on the PDF reports (#870).
- Fixed a bug on the Dev tools tab where the user couldn't execute the first request block if there was blank lines above it (#871).
- Fixed a bug on pinned filters when opening tabs where the implicit filter was the same, making them stuck and unremovable from other tabs (#878).
- Support for Wazuh v3.6.1.
- Fixed a bug on the Dev tools tab (b7c79f4).
- Support for Wazuh v3.6.1.
- Fixed a bug on the Dev tools tab (4ca9ed5).
- Support for Wazuh v3.6.0.
- Support for Wazuh v3.6.0.
- Support for Elastic Stack v6.4.0 (#813).
- Added new options to
config.yml
to change shards and replicas settings forwazuh-monitoring
indices (#809). - Added more error messages for
wazuhapp.log
in case of failure when performing some crucial functions (#812). - Now it's possible to change replicas settings for existing
.wazuh
,.wazuh-version
andwazuh-monitoring
indices on theconfig.yml
file (#817).
- App frontend code refactored and restructured (#802).
- Now the Overview > Security events tab won't show anything if the only visualization with data is Agents status (#811).
- Fixed a bug where the RAM status message appreared twice the first time you opened the app (#807).
- Fixed the app UI to make the app usable on Internet Explorer 11 (#808).
- The welcome tabs on Overview and Agents have been updated with a new name and description for the existing sections (#788).
- Now the app tables will auto-resize depending on the screen height (#792).
- Now all the app filters on several tables will present the values in alphabetical order (#787).
- Fixed a bug on Decoders where clicking on the decoder wouldn't open the detail view if the
Parent decoders
filter was enabled (#782). - Fixed a bug on Dev tools when the first line on the editor pane was empty or had a comment (#790).
- Fixed a bug where the app was throwing multiple warning messages the first time you open it (#791).
- Fixed a bug where clicking on a different tab from Overview right after inserting the API credentials for the first time would always redirect to Overview (#791).
- Fixed a bug where the user could have a browser cookie with a reference to a non-existing API entry on Elasticsearch (#794 & #795).
- The cluster key has been removed from the API requests to
/manager/configuration
(#796).
- Support for Wazuh v3.5.0.
- Added new fields for Vulnerability detector alerts (#752).
- Added multi table search for
wz-table
directive. Added two new log levels for Management > Logs section (#753).
- Added a few new fields for Kibana due to the new Wazuh who-data feature (#763).
- Added XML/JSON viewer for each card under Management > Configuration (#764).
- Improved error handling for Dev tools. Also removed some unused dependencies from the Dev tools tab (#760).
- Unified origin for tab descriptions. Reviewed some grammar typos (#765).
- Refactored agents autocomplete component. Removed unused/deprecated modules (#766).
- Simplified route resolves section (#768).
- Fixed missing cluster node filter for the visualization shown when looking for specific node under Management > Monitoring section (#758).
- Fixed missing dependency injection for
wzMisc
factory (#768).
- Removed
angular-aria
,angular-md5
,ansicolors
,js-yaml
,querystring
andlodash
dependencies since Kibana includes all of them. Removed some unused images (#768).
- Support for Wazuh v3.4.0.
- Support for Elastic Stack v6.3.2.
- Support for Kuery as accepted query language (#742).
- This feature is experimental.
- Added new Who data fields from file integrity monitoring features (#746).
- Added tab in Settings section where you can see the last logs from the Wazuh app server (#723).
- Fully redesigned of the welcome screen along the different app sections (#751).
- Now any agent can go to the Inventory tab regardless if it's enabled or not. The content will change properly according to the agent configuration (#744).
- Updated the
angular-material
dependency to1.1.10
(#743). - Any API entry is now removable regardless if it's the only one API entry (#740).
- Performance has been improved regarding to agents status, they are now being fetched using distinct routes from the Wazuh API (#738).
- Improved the way we are parsing some Wazuh API errors regarding to version mismatching (#735).
- Fixed wrong filters being applied in Ruleset > Rules and Ruleset > Decoders sections when using Lucene like filters plus path filters (#736).
- Fixed the template checking from the healthcheck, now it allows to use custom index patterns (#739).
- Fixed infinite white screen from Management > Monitoring when the Wazuh cluster is enabled but not running (#741).
- Added a new Angular.js factory to store the Wazuh app configuration values. Also, this factory is being used by the pre-routes functions (resolves); this way we are sure about having the real configuration at any time. These pre-routes functions have been improved too (#670).
- Added extended information for reports from Reporting feature (#701).
- Tables have been improved. Now they are truncating long fields and adding a tooltip if needed (#671).
- Services have been improved (#715).
- CSV formatted files have been improved. Now they are showing a more human readable column names (#717, #726).
- Added/Modified some visualization titles (#728).
- Improved Discover perfomance when in background mode (#719).
- Reports from the Reporting feature have been fulyl redesigned (#701).
- Fixed the top menu API indicator when checking the API connection and the manager/cluster information had been changed (#668).
- Fixed our logger module which was not writting logs the very first time Kibana is started neither after a log rotation (#667).
- Fixed a regular expression in the server side when parsing URLs before registering a new Wazuh API (#690).
- Fixed filters from specific visualization regarding to File integrity section (#694).
- Fixed filters parsing when generating a report because it was not parsing negated filters as expected (#696).
- Fixed visualization counter from OSCAP tab (#722).
- Temporary removed CSV download from agent inventory section due to Wazuh API bug (#727).
- Improvements for latest app redesign (#652):
- The Welcome tabs have been simplified, following a more Elastic design.
- Added again the
md-nav-bar
component with refined styles and limited to specific sections. - The Settings > Welcome tab has been removed. You can use the nav bar to switch tabs.
- Minor CSS adjustments and reordering.
- Small app UI improvements (#634):
- Added link to Agents Preview on the Agents tab breadcrumbs.
- Replaced the Generate report button with a smaller one.
- Redesigned Management > Ruleset
md-chips
to look similar to Kibana filter pills. - Added agent information bar from Agents > General to Agents > Welcome too.
- Refactored flex layout on Welcome tabs to fix a height visual bug.
- Removed duplicated loading rings on the Agents tab.
- Improvements for app tables (#627):
- Now the current page will be highlighted.
- The gap has been fixed to the items per page value.
- If there are no more pages for Next or Prev buttons, they will be hidden.
- Improvements for app health check (#637):
- Improved design for the view.
- The checks have been placed on a table, showing the current status of each one.
- Changes to our reporting feature (#639):
- Now the generated reports will include tables for each section.
- Added a parser for getting Elasticsearch data table responses.
- The reporting feature is now a separated module, and the code has been refactored.
- Improvements for app tables pagination (#646).
- Now the
pretty
parameter on the Dev tools tab will be ignored to avoidUnexpected error
messages (#624). - The
pdfkit
dependency has been replaced bypdfmake
(#639). - Changed some Kibana tables for performance improvements on the reporting feature (#644).
- Changed the method to refresh the list of known fields on the index pattern (#650):
- Now when restarting Kibana, the app will update the fieldset preserving the custom user fields.
- Fixed bug on Agents CIS-CAT tab who wasn't loading the appropriate visualizations (#626).
- Fixed a bug where sometimes the index pattern could be
undefined
during the health check process, leading into a false error message when loading the app (#640). - Fixed several bugs on the Settings > API tab when removing, adding or editing new entries.
- Removed the app login system (#636):
- This feature was unstable, experimental and untested for a long time. We'll provide much better RBAC capabilities in the future.
- Removed the new Kuery language option on Discover app search bars.
- This feature will be restored in the future, after more Elastic v6.3.0 adaptations.
- Support for Elastic Stack v6.3.0 (#579 & #612 & #615).
- Brand-new Wazuh app redesign for the Monitoring tab (#581):
- Refactored and optimized UI for these tabs, using a breadcrumbs-based navigability.
- Used the same guidelines from the previous redesign for Overview and Agents tabs.
- New tab for Agents - Inventory (#582):
- Get information about the agent host, such as installed packages, motherboard, operating system, etc.
- This tab will appear if the agent has the
syscollector
wodle enabled.
- Brand-new extension - CIS-CAT Alerts (#601):
- A new extension, disabled by default.
- Visualize alerts related to the CIS-CAT benchmarks on the Overview and Agents tabs.
- Get information about the last performed scan and its score.
- Several improvements for the Dev tools tab (#583 & #597):
- Now you can insert queries using inline parameters, just like in a web browser.
- You can combine inline parameters with JSON-like parameters.
- If you use the same parameter on both methods with different values, the inline parameter has precedence over the other one.
- The tab icon has been changed for a more appropriate one.
- The
Execute query
button is now always placed on the first line of the query block.
- Refactoring for all app tables (#582):
- Replaced the old
wz-table
directive with a new one, along with a new data factory. - Now the tables are built with a pagination system.
- Much easier method for building tables for the app.
- Performance and stability improvements when fetching API data.
- Now you can see the total amount of items and the elapsed time.
- Replaced the old
- Moved some logic from the Agents preview tab to the server, to avoid excessive client-side workload (#586).
- Changed the UI to use the same loading ring across all the app tabs (#593 & #599).
- Changed the No results message across all the tabs with visualizations (#599).
- Fixed a bug on the Settings/Extensions tab where enabling/disabling some extensions could make other ones to be disabled (#591).
- Support for Wazuh v3.3.1.
- Brand-new Wazuh app redesign for the Settings tab (#570):
- Refactored and optimized UI for these tabs, using a breadcrumbs-based navigability.
- Used the same guidelines from the previous redesign for Overview and Agents tabs.
- Refactoring for Overview and Agents controllers (#564):
- Reduced duplicated code by splitting it into separate files.
- Code optimization for a better performance and maintainability.
- Added new services to provide similar functionality between different app tabs.
- Added
data.vulnerability.package.condition
to the list of known fields (#566).
- The
wazuh-logs
andwazuh-monitoring
folders have been moved to the Kibana'soptimize
directory in order to avoid some error messages when using thekibana-plugin list
command (#563).
- Fixed a bug on the Settings tab where updating an API entry with wrong credentials would corrupt the existing one (#558).
- Fixed a bug on the Settings tab where removing an API entry while its edit form is opened would hide the
Add API
button unless the user reloads the tab (#558). - Fixed some Audit visualizations on the Overview and Agents tabs that weren't using the same search query to show the results (#572).
- Fixed undefined variable error on the
wz-menu
directive (#575).
- Fixed a bug on the Agent Configuration tab where the sync status was always
NOT SYNCHRONIZED
(#569).
- Support for Wazuh v3.3.0.
- Updated some backend API calls to include the app version in the request header (#560).
- Brand-new Wazuh app redesign for Overview and Agents tabs (#543):
- Updated UI for these tabs using breadcrumbs.
- New Welcome screen, presenting all the tabs to the user, with useful links to our documentation.
- Overall design improved, adjusted font sizes and reduced HTML code.
- This base will allow the app to increase its functionality in the future.
- Removed the
md-nav-bar
component for a better user experience on small screens. - Improved app performance removing some CSS effects from some components, such as buttons.
- New filter for agent version on the Agents Preview tab (#537).
- New filter for cluster node on the Agents Preview tab (#538).
- Now the report generation process will run in a parallel mode in the foreground (#523).
- Replaced the usage of
$rootScope
with two new factories, along with more controller improvements (#525). - Now the Extensions tab on Settings won't edit the
.wazuh
index to modify the extensions configuration for all users (#545).- This allows each new user to always start with the base extensions configuration, and modify it to its needs storing the settings on a browser cookie.
- Now the GDPR requirements description on its tab won't be loaded if the Wazuh API version is not v3.2.3 or higher (#546).
- Fixed a bug where the app crashes when attempting to download huge amounts of data as CSV format (#521).
- Fixed a bug on the Timelion visualizations from Management/Monitoring which were not properly filtering and showing the cluster nodes information (#530).
- Fixed several bugs on the loading process when switching between tabs with or without visualizations in the Overview and Agents tab (#531 & #533).
- Fixed a bug on the
wazuh-monitoring
index feature when using multiple inserted APIs, along with several performance improvements (#539). - Fixed a bug where the OS filter on the Agents Preview tab would exclude the rest of filters instead of combining them (#552).
- Fixed a bug where the Extensions settings were restored every time the user opened the Settings tab or pressed the Set default manager button (#555 & #556).
- Support for Wazuh v3.2.4.
- New functionality - Reporting (#510):
- Generate PDF logs on the Overview and Agents tabs, with the new button next to Panels and Discover.
- The report will contain the current visualizations from the tab where you generated it.
- List all your generated reports, download or deleted them at the new Management/Reporting tab.
- Warning: If you leave the tab while generating a report, the process will be aborted.
- Added warning/error messages about the total RAM on the server side (#502):
- None of this messages will prevent the user from accessing the app, it's just a recommendation.
- If your server has less than 2GB of RAM, you'll get an error message when opening the app.
- If your server has between 2GB and 3GB of RAM, you'll get a warning message.
- If your server has more than 3GB of RAM, you won't get any kind of message.
- Refactoring and added loading bar to Manager Logs and Groups tabs (#505).
- Added more Syscheck options to Management/Agents configuration tabs (#509).
- Added more fields to the
known-fields.js
file to avoid warning messages on Discover when using Filebeat for alerts forwarding (#497). - Fixed a bug where clicking on the Check connection button on the Settings tab threw an error message although the API connected successfully (#504).
- Fixed a bug where the Agents tab was not properly showing the total of agents due to the new Wazuh cluster implementation (#517).
- Support for Wazuh v3.2.3.
- Brand-new extension - GDPR Alerts (#453):
- A new extension, enabled by default.
- Visualize alerts related to the GDPR compliance on the Overview and Agents tabs.
- The Ruleset tab has been updated to include GDPR filters on the Rules subtab.
- Brand-new Management tab - Monitoring (#490):
- Visualize your Wazuh cluster, both master and clients.
- Get the current cluster configuration.
- Nodes listing, sorting, searching, etc.
- Get a more in-depth cluster status thanks to the newly added Timelion visualizations.
- The Detail view gives you a summary of the node's healthcheck.
- Visualize your Wazuh cluster, both master and clients.
- Brand-new tab - Dev tools (#449):
- Find it on the top navbar, next to Discover.
- Execute Wazuh API requests directly from the app.
- This tab uses your currently selected API from Settings.
- You can type different API requests on the input window, select one with the cursor, and click on the Play button to execute it.
- You can also type comments on the input window.
- More improvements for the Manager/Ruleset tab (#446):
- A new colour palette for regex, order and rule description arguments.
- Added return to List view on Ruleset button while on Detail view.
- Fixed line height on all table headers.
- Removed unused, old code from Ruleset controllers.
- Added option on
config.yml
to enable/disable thewazuh-monitoring
index (#441):- Configure the frequency time to generate new indices.
- The default frequency time has been increased to 1 hour.
- When disabled, useful metrics will appear on Overview/General replacing the Agent status visualization.
- Added CSV exporting button to the app (#431):
- Implemented new logic to fetch data from the Wazuh API and download it in CSV format.
- Currently available for the Ruleset, Logs and Groups sections on the Manager tab and also the Agents tab.
- More refactoring to the app backend (#439):
- Standardized error output from the server side.
- Drastically reduced the error management logic on the client side.
- Applied the Facade pattern when importing/exporting modules.
- Deleted unused/deprecated/useless methods both from server and client side.
- Some optimizations to variable type usages.
- Refactoring to Kibana filters management (#452 & #459):
- Added new class to build queries from the base query.
- The filter management is being done on controllers instead of the
discover
directive. - Now we are emitting specific events whenever we are fetching data or communicating to the
discover
directive. - The number of useless requests to fetch data has been reduced.
- The synchronization actions are working as expected regardless the amount of data and/or the number of machine resources.
- Fixed several bugs about filter usage and transition to different app tabs.
- Added confirmation message when the user deletes an API entry on Settings/API (#428).
- Added support for filters on the Manager/Logs tab when realtime is enabled (#433).
- Added more filter options to the Detail view on Manager/Ruleset (#434).
- Changed OSCAP visualization to avoid clipping issues with large agent names (#429).
- Now the related Rules or Decoders sections on Manager/Ruleset will remain hidden if there isn't any data to show or while it's loading (#434).
- Added a 200ms delay when fetching iterable data from the Wazuh API (#445 & #450).
- Fixed several bugs related to Wazuh API timeout/cancelled requests (#445).
- Added
ENOTFOUND
,EHOSTUNREACH
,EINVAL
,EAI_AGAIN
options for API URL parameter checking (#463). - Now the Settings/Extensions subtab won't appear unless there's at least one API inserted (#465).
- Now the index pattern selector on Settings/Pattern will also refresh the known fields when changing it (#477).
- Changed the Manager tab into Management (#490).
- Fixed a bug where toggling extensions after deleting an API entry could lead into an error message (#465).
- Fixed some performance bugs on the
dataHandler
service (#442 & #486). - Fixed a bug when loading the Agents preview tab on Safari web browser (#447).
- Fixed a bug where a new extension (enabled by default) appears disabled when updating the app (#456).
- Fixed a bug where pressing the Enter key on the Discover's tab search bar wasn't working properly (#488).
- Removed the
rison
dependency from thepackage.json
file (#452). - Removed unused Elasticsearch request to avoid problems when there's no API inserted (#460).
- Support for Wazuh v3.2.2.
- Refactoring on visualizations use and management (#397):
- Visualizations are no longer stored on an index, they're built and loaded on demand when needed to render the interface.
- Refactoring on the whole app source code to use the import/export paradigm.
- Removed old functions and variables from the old visualization management logic.
- Removed cron task to clean remaining visualizations since it's no longer needed.
- Some Kibana functions and modules have been overridden in order to make this refactoring work.
- This change is not intrusive in any case.
- New redesign for the Manager/Ruleset tab (#420):
- Rules and decoders list now divided into two different sections: List view and Detail view.
- Removed old expandable tables to move the rule/decoder information into a new space.
- Enable different filters on the detail view for a better search on the list view.
- New table for related rules or decoders.
- And finally, a bunch of minor design enhancements to the whole app.
- Added a copyright notice to the whole app source code (#395).
- Updated
.gitignore
with the Node template (#395). - Added new module to the
package.json
file,rison
(#404). - Added the
errorHandler
service to the blank screen scenario (#413):- Now the exact error message will be shown to the user, instead of raw JSON content.
- Added new option on the
config.yml
file to disable the new X-Pack RBAC capabilities to filter index-patterns (#417).
- Small minor enhancements to the user interface (#396):
- Reduced Wazuh app logo size.
- Changed buttons text to not use all-capitalized letters.
- Minor typos found in the HTML/CSS code have been fixed.
- Now the app log stores the package revision (#417).
- Fixed bug where the Agents tab didn't preserve the filters after reloading the page (#404).
- Fixed a bug when using X-Pack that sometimes threw an error of false "Not enough privileges" scenario (#415).
- Fixed a bug where the Kibana Discover auto-refresh functionality was still working when viewing the Agent configuration tab (#419).
- Changed severity and verbosity to some log messages (#412).
- Fixed a bug when using the X-Pack plugin without security capabilities enabled (#403).
- Fixed a bug when the app was trying to create
wazuh-monitoring
indices without checking the existence of the proper template (#412).
- Support for Elastic Stack v6.2.4.
- App server fully refactored (#360):
- Added new classes, reduced the amount of code, removed unused functions, and several optimizations.
- Now the app follows a more ES6 code style on multiple modules.
- Overview/Agents visualizations have been ordered into separated files and folders.
- Now the app can use the default index defined on the
/ect/kibana/kibana.yml
file. - Better error handling for the visualizations directive.
- Added a cron job to delete remaining visualizations on the
.kibana
index if so. - Also, we've added some changes when using the X-Pack plugin:
- Better management of users and roles in order to use the app capabilities.
- Prevents app loading if the currently logged user has no access to any index pattern.
- Added the
errorHandler
service to thedataHandler
factory (#340). - Added Syscollector section to Manager/Agents Configuration tabs (#359).
- Added
cluster.name
field to thewazuh-monitoring
index (#377).
- Increased the query size when fetching the index pattern list (#339).
- Changed active colour for all app tables (#347).
- Changed validation regex to accept URLs with non-numeric format (#353).
- Changed visualization removal cron task to avoid excessive log messages when there weren't removed visualizations (#361).
- Changed filters comparison for a safer access (#383).
- Removed some
server.log
messages to avoid performance errors (#384). - Changed the way of handling the index patterns list (#360).
- Rewritten some false error-level logs to just information-level ones (#360).
- Changed some files from JSON to CommonJS for performance improvements (#360).
- Replaced some code on the
kibana-discover
directive with a much cleaner statement to avoid issues on the Agents tab (#394).
- Fixed a bug where several
agent.id
filters were created at the same time when navigating between Agents and Groups with different selected agents (#342). - Fixed logic on the index-pattern selector which wasn't showing the currently selected pattern the very first time a user opened the app (#345).
- Fixed a bug on the
errorHandler
service who was preventing a proper output of some Elastic-related backend error messages (#346). - Fixed panels flickering in the Settings tab (#348).
- Fixed a bug in the shards and replicas settings when the user sets the value to zero (0) (#358).
- Fixed several bugs related to the upgrade process from Wazuh 2.x to the new refactored server (#363).
- Fixed a bug in Discover/Agents VirusTotal tabs to avoid conflicts with the
agent.name
field (#379). - Fixed a bug on the implicit filter in Discover/Agents PCI tabs (#393).
- Removed clear API password on
checkPattern
response (#339). - Removed old dashboard visualizations to reduce loading times (#360).
- Removed some unused dependencies due to the server refactoring (#360).
- Removed completely
metricService
from the app (#389).
- New logging system (#307):
- New module implemented to write app logs.
- Now a trace is stored every time the app is re/started.
- Currently, the
initialize.js
andmonitoring.js
files work with this system. - Note: the logs will live under
/var/log/wazuh/wazuhapp.log
on Linux systems, on Windows systems they will live underkibana/plugins/
. It rotates the log whenever it reaches 100MB.
- Better cookies handling (#308):
- New field on the
.wazuh-version
index to store the last time the Kibana server was restarted. - This is used to check if the cookies have consistency with the current server status.
- Now the app is clever and takes decisions depending on new consistency checks.
- New field on the
- New design for the Agents/Configuration tab (#310):
- Added "group" column on the agents list in Agents (#312):
- If you click on the group, it will redirect the user to the specified group in Manager/Groups.
- New option for the
config.yml
file,ip.selector
(#313):- Define if the app will show or not the index pattern selector on the top navbar.
- This setting is set to
true
by default.
- More CSS cleanup and reordering (#315):
- New
typography.less
file. - New
layout.less
file. - Removed
cleaned.less
file. - Reordering and cleaning of existing CSS files, including removal of unused classes, renaming, and more.
- The Settings tab has been refactored to correct some visual errors with some card components.
- Small refactoring to some components from Manager/Ruleset (#323).
- New
- New design for the top navbar (#326):
- Cleaned and refactored code
- Revamped design, smaller and with minor details to follow the rest of Wazuh app guidelines.
- New design for the wz-chip component to follow the new Wazuh app guidelines (#323).
- Added more descriptive error messages when the user inserts bad credentials on the Add new API form in the Settings tab (#331).
- Added a new CSS class to truncate overflowing text on tables and metric ribbons (#332).
- Support for Elastic Stack v6.2.2/v6.2.3.
- Improved the initialization system (#317):
- Now the app will re-create the index-pattern if the user deletes the currently used by the Wazuh app.
- The fieldset is now automatically refreshed if the app detects mismatches.
- Now every index-pattern is dynamically formatted (for example, to enable the URLs in the Vulnerabilities tab).
- Some code refactoring for a better handling of possible use cases.
- And the best thing, it's no longer needed to insert the sample alert!
- Improvements and changes to index-patterns (#320 & #333):
- Added a new route,
/get-list
, to fetch the index pattern list. - Removed and changed several functions for a proper management of index-patterns.
- Improved the compatibility with user-created index-patterns, known to have unpredictable IDs.
- Now the app properly redirects to
/blank-screen
if the length of the index patterns list is 0. - Ignored custom index patterns with auto-generated ID on the initialization process.
- Now it uses the value set on the
config.yml
file.
- Now it uses the value set on the
- If the index pattern is no longer available, the cookie will be overwritten.
- Added a new route,
- Improvements to the monitoring module (#322):
- Minor refactoring to the whole module.
- Now the
wazuh-monitoring
index pattern is regenerated if it's missing. - And the best thing, it's no longer needed to insert the monitoring template!
- Now the app health check system only checks if the API and app have the same
major.minor
version (#311):- Previously, the API and app had to be on the same
major.minor.patch
version.
- Previously, the API and app had to be on the same
- Adjusted space between title and value in some cards showing Manager or Agent configurations (#315).
- Changed red and green colours to more saturated ones, following Kibana style (#315).
- Fixed bug in Firefox browser who was not properly showing the tables with the scroll pagination functionality (#314).
- Fixed bug where visualizations weren't being destroyed due to ongoing renderization processes (#316).
- Fixed several UI bugs for a better consistency and usability (#318).
- Fixed an error where the initial index-pattern was not loaded properly the very first time you enter the app (#328).
- Fixed an error message that appeared whenever the app was not able to found the
wazuh-monitoring
index pattern (#328).
- New design for the Manager/Groups tab (#295).
- New design for the Manager/Configuration tab (#297).
- New design of agents statistics for the Agents tab (#299).
- Added information ribbon into Overview/Agent SCAP tabs (#303).
- Added information ribbon into Overview/Agent VirusTotal tabs (#306).
- Added information ribbon into Overview AWS tab (#306).
- Refactoring of HTML and CSS code throughout the whole Wazuh app (#294, #302 & #305):
- A big milestone for the project was finally achieved with this refactoring.
- We've removed the Bootstrap dependency from the
package.json
file. - We've removed and merged many duplicated rules.
- We've removed HTML and
angular-md
overriding rules. Now we have more own-made classes to avoid undesired results on the UI. - Also, this update brings tons of minor bugfixes related to weird HTML code.
- Wazuh app visualizations reviewed (#301):
- The number of used buckets has been limited since most of the table visualizations were surpassing acceptable limits.
- Some visualizations have been checked to see if they make complete sense on what they mean to show to the user.
- Modified some app components for better follow-up of Kibana guidelines (#290 & #297).
- Also, some elements were modified on the Discover tab in order to correct some mismatches.
- Adjusted information ribbon in Agents/General for large OS names (#290 & #294).
- Fixed unsafe array access on the visualization directive when going directly into Manager/Ruleset/Decoders (#293).
- Fixed a bug where navigating between agents in the Agents tab was generating duplicated
agent.id
implicit filters (#296). - Fixed a bug where navigating between different tabs from Overview or Agents while being on the Discover sub-tab was causing data loss in metric watchers (#298).
- Fixed incorrect visualization of the rule level on Manager/Ruleset/Rules when the rule level is zero (0) (#298).
- Removed almost every
md-tooltip
component from the whole app (#305). - Removed unused images from the
img
folder (#305).
- Support for Wazuh v3.2.1.
- Brand-new first redesign for the app user interface (#278):
- This is the very first iteration of a work-in-progress UX redesign for the Wazuh app.
- The overall interface has been refreshed, removing some unnecessary colours and shadow effects.
- The metric visualizations have been replaced by an information ribbon under the filter search bar, reducing the amount of space they occupied.
- A new service was implemented for a proper handling of the metric visualizations watchers (#280).
- The rest of the app visualizations now have a new, more detailed card design.
- New shards and replicas settings to the
config.yml
file (#277):- Now you can apply custom values to the shards and replicas for the
.wazuh
and.wazuh-version
indices. - This feature only works before the installation process. If you modify these settings after installing the app, they won't be applied at all.
- Now you can apply custom values to the shards and replicas for the
- Now clicking again on the Groups tab on Manager will properly reload the tab and redirect to the beginning (#274).
- Now the visualizations only use the
vis-id
attribute for loading them (#275). - The colours from the toast messages have been replaced to follow the Elastic 6 guidelines (#286).
- Fixed wrong data flow on Agents/General when coming from and going to the Groups tab (#273).
- Fixed sorting on tables, now they use the sorting functionality provided by the Wazuh API (#274).
- Fixed column width issues on some tables (#274).
- Fixed bug in the Agent configuration JSON viewer who didn't properly show the full group configuration (#276).
- Fixed excessive loading time from some Audit visualizations (#278).
- Fixed Play/Pause button in timepicker's auto-refresh (#281).
- Fixed unusual scenario on visualization directive where sometimes there was duplicated implicit filters when doing a search (#283).
- Fixed some Overview Audit visualizations who were not working properly (#285).
- Deleted the
id
attribute from all the app visualizations (#275).
- New directives for the Wazuh app:
wz-table
,wz-table-header
andwz-search-bar
(#263):- Maintainable and reusable components for a better-structured app.
- Several files have been changed, renamed and moved to new folders, following best practices.
- The progress bar is now within its proper directive (#266).
- Minor typos and refactoring changes to the new directives.
- Support for Elastic Stack v6.2.2.
- App buttons have been refactored. Unified CSS and HTML for buttons, providing the same structure for them (#269).
- The API list on Settings now shows the latest inserted API at the beginning of the list (#261).
- The check for the currently applied pattern has been improved, providing clever handling of Elasticsearch errors (#271).
- Now on Settings, when the Add or Edit API form is active, if you press the other button, it will make the previous one disappear, getting a clearer interface (#9df1e31).
- Fixed visualizations directive to properly load the Manager/Ruleset visualizations (#262).
- Fixed a bug where the classic extensions were not affected by the settings of the
config.yml
file (#266). - Fixed minor CSS bugs from the conversion to directives to some components (#266).
- Fixed bug in the tables directive when accessing a member it doesn't exist (#266).
- Fixed browser console log error when clicking the Wazuh logo on the app (#6647fbc).
- Removed the
kbn-dis
directive from Manager/Ruleset (#262). - Removed the
filters.js
andkibana_fields_file.json
files (#263). - Removed the
implicitFilters
service (#270). - Removed visualizations loading status trace from controllers and visualization directive (#270).
- Support for Wazuh 3.2.0.
- Compatibility with Kibana 6.1.0 to Kibana 6.2.1.
- New tab for vulnerability detector alerts.
- The app now shows the index pattern selector only if the list length is greater than 1.
- If it's exactly 1 shows the index pattern without a selector.
- Now the index pattern selector only shows the compatible ones.
- It's no longer possible to select the
wazuh-monitoring
index pattern.
- It's no longer possible to select the
- Updated Bootstrap to 3.3.7.
- Improved filter propagation between Discover and the visualizations.
- Replaced the login route name from /login to /wlogin to avoid conflict with X-Pack own login route.
- Several CSS bugfixes for better compatibility with Kibana 6.2.1.
- Some variables changed for adapting new Wazuh API requests.
- Better error handling for some Elastic-related messages.
- Fixed browser console error from top-menu directive.
- Removed undesired md-divider from Manager/Logs.
- Adjusted the width of a column in Manager/Logs to avoid overflow issues with the text.
- Fixed a wrong situation with the visualizations when we refresh the Manager/Rules tab.
- Removed the
travis.yml
file.
- Support for Wazuh 3.1.0.
- Compatibility with Kibana 6.1.3.
- New error handler for better app errors reporting.
- A new extension for Amazon Web Services alerts.
- A new extension for VirusTotal alerts.
- New agent configuration tab:
- Visualize the current group configuration for the currently selected agent on the app.
- Navigate through the different tabs to see which configuration is being used.
- Check the synchronization status for the configuration.
- View the current group of the agent and click on it to go to the Groups tab.
- New initial health check for checking some app components.
- New YAML config file:
- Define the initial index pattern.
- Define specific checks for the healthcheck.
- Define the default extensions when adding new APIs.
- New index pattern selector dropdown on the top navbar.
- The app will reload applying the new index pattern.
- Added new icons for some sections of the app.
- New visualizations loader, with much better performance.
- Improved reindex process for the .wazuh index when upgrading from a 2.x-5.x version.
- Adding 365 days expiring time to the cookies.
- Change default behaviour for the config file. Now everything is commented with default values.
- You need to edit the file, remove the comment mark and apply the desired value.
- Completely redesigned the manager configuration tab.
- Completely redesigned the groups tab.
- App tables have now unified CSS classes.
- Play real-time button has been fixed.
- Preventing duplicate APIs from feeding the wazuh-monitoring index.
- Fixing the check manager connection button.
- Fixing the extensions settings so they are preserved over time.
- Much more error handling messages in all the tabs.
- Fixed OS filters in agents list.
- Fixed autocomplete lists in the agents, rules and decoders list so they properly scroll.
- Many styles bugfixes for the different browsers.
- Reviewed and fixed some visualizations not showing accurate information.
- Removed index pattern configuration from the
package.json
file. - Removed unnecessary dependencies from the
package.json
file.
- You can configure the initial index-pattern used by the plugin in the initialPattern variable of the app's package.json.
- Auto
.wazuh
reindex from Wazuh 2.x - Kibana 5.x to Wazuh 3.x - Kibana 6.x.- The API credentials will be automatically migrated to the new installation.
- Dynamically changed the index-pattern used by going to the Settings -> Pattern tab.
- Wazuh alerts compatibility auto detection.
- New loader for visualizations.
- Better performance: now the tabs use the same Discover tab, only changing the current filters.
- New Groups tab.
- Now you can check your group configuration (search its agents and configuration files).
- The Logs tab has been improved.
- You can sort by field and the view has been improved.
- Achieved a clearer interface with implicit filters per tab showed as unremovable chips.
- Dynamically creating .kibana index if necessary.
- Better integration with Kibana Discover.
- Visualizations loaded at initialization time.
- New sync system to wait for Elasticsearch JS.
- Decoupling selected API and pattern from backend and moved to the client side.
- Loading icon while Wazuh loads the visualizations.
- Add/Delete/Restart agents.
- OS agent filter
- Using genericReq when possible.
- New index in Elasticsearch to save Wazuh set up configuration
- Short URL's is now supported
- A native base path from kibana.yml is now supported
- Search bar across panels now support parenthesis grouping
- Several CSS fixes for IE browser