Merge 4.8.2 into master (#6267)

Merge 4.8.2 into master

.github/workflows/wazuh-build-push-docker-action.yml

@@ -55,63 +55,63 @@ jobs:
     name: Run build and push manager image
     runs-on: ubuntu-latest
     steps:
-     - name: Step 01 - Download wazuh-kibana-app
-       uses: actions/checkout@v2
-       with:
+      - name: Step 01 - Download wazuh-kibana-app
+        uses: actions/checkout@v2
+        with:
           path: wazuh-kibana-app
-     - name: Step 02 - Login to quay.io
-       run: |
-        docker login -u=${{ secrets.QUAYIO_USERNAME }} -p=${{ secrets.QUAYIO_TOKEN }} quay.io
-     - name: Step 03 - Build image
-       run: |
-        cd ${{ github.workspace }}/wazuh-kibana-app/test/cypress/images/wazuh_manager_filebeat_sources_cmake
-        docker build -t quay.io/wazuh/wazuh-manager-image:${{ github.event.inputs.wazuh-manager-version }}-${{ github.event.inputs.elastic-manager-version }} \
-        --build-arg WAZUH_VERSION=${{ github.event.inputs.wazuh-manager-version }} \
-        --build-arg FILEBEAT_VERSION=${{ github.event.inputs.elastic-manager-version }} \
-        --build-arg FILEBEAT_WAZUH_TEMPLATE_URL=https://raw.githubusercontent.com/wazuh/wazuh/4.0/extensions/elasticsearch/7.x/wazuh-template.json \
-        --build-arg FILEBEAT_WAZUH_MODULE_URL=https://packages.wazuh.com/4.x/filebeat/wazuh-filebeat-0.3.tar.gz .
-     - name: Step 04 - Push image to quay.io
-       run: |
-        docker push quay.io/wazuh/wazuh-manager-image:${{ github.event.inputs.wazuh-manager-version }}-${{ github.event.inputs.elastic-manager-version }}
+      - name: Step 02 - Login to quay.io
+        run: |
+          docker login -u=${{ secrets.QUAYIO_USERNAME }} -p=${{ secrets.QUAYIO_TOKEN }} quay.io
+      - name: Step 03 - Build image
+        run: |
+          cd ${{ github.workspace }}/wazuh-kibana-app/test/cypress/images/wazuh_manager_filebeat_sources_cmake
+          docker build -t quay.io/wazuh/wazuh-manager-image:${{ github.event.inputs.wazuh-manager-version }}-${{ github.event.inputs.elastic-manager-version }} \
+          --build-arg WAZUH_VERSION=${{ github.event.inputs.wazuh-manager-version }} \
+          --build-arg FILEBEAT_VERSION=${{ github.event.inputs.elastic-manager-version }} \
+          --build-arg FILEBEAT_WAZUH_TEMPLATE_URL=https://raw.githubusercontent.com/wazuh/wazuh/4.0/extensions/elasticsearch/7.x/wazuh-template.json \
+          --build-arg FILEBEAT_WAZUH_MODULE_URL=https://packages.wazuh.com/4.x/filebeat/wazuh-filebeat-0.4.tar.gz .
+      - name: Step 04 - Push image to quay.io
+        run: |
+          docker push quay.io/wazuh/wazuh-manager-image:${{ github.event.inputs.wazuh-manager-version }}-${{ github.event.inputs.elastic-manager-version }}
 
   job-build-agent-image:
     if: ${{ github.event.inputs.build-agent-image == 'true' }}
     name: Run build and push agent image
     runs-on: ubuntu-latest
     steps:
-     - name: Step 01 - Download wazuh-kibana-app
-       uses: actions/checkout@v2
-       with:
+      - name: Step 01 - Download wazuh-kibana-app
+        uses: actions/checkout@v2
+        with:
           path: wazuh-kibana-app
-     - name: Step 02 - Login to quay.io
-       run: |
-        docker login -u=${{ secrets.QUAYIO_USERNAME }} -p=${{ secrets.QUAYIO_TOKEN }} quay.io
-     - name: Step 03 - Build image
-       run: |
-        cd ${{ github.workspace }}/wazuh-kibana-app/test/cypress/images/wazuh_agent_ubuntu_sources_cmake
-        docker build -t quay.io/wazuh/wazuh-agent-image:${{ github.event.inputs.wazuh-agent-version }} \
-        --build-arg WAZUH_VERSION=${{ github.event.inputs.wazuh-agent-version }} .
-     - name: Step 04 - Push image to quay.io
-       run: |
-        docker push quay.io/wazuh/wazuh-agent-image:${{ github.event.inputs.wazuh-agent-version }}
+      - name: Step 02 - Login to quay.io
+        run: |
+          docker login -u=${{ secrets.QUAYIO_USERNAME }} -p=${{ secrets.QUAYIO_TOKEN }} quay.io
+      - name: Step 03 - Build image
+        run: |
+          cd ${{ github.workspace }}/wazuh-kibana-app/test/cypress/images/wazuh_agent_ubuntu_sources_cmake
+          docker build -t quay.io/wazuh/wazuh-agent-image:${{ github.event.inputs.wazuh-agent-version }} \
+          --build-arg WAZUH_VERSION=${{ github.event.inputs.wazuh-agent-version }} .
+      - name: Step 04 - Push image to quay.io
+        run: |
+          docker push quay.io/wazuh/wazuh-agent-image:${{ github.event.inputs.wazuh-agent-version }}
 
   job-build-cypress-image:
     if: ${{ github.event.inputs.build-cypress-image == 'true' }}
     name: Run build and push cypress image
     runs-on: ubuntu-latest
     steps:
-     - name: Step 01 - Download wazuh-kibana-app
-       uses: actions/checkout@v2
-       with:
+      - name: Step 01 - Download wazuh-kibana-app
+        uses: actions/checkout@v2
+        with:
           path: wazuh-kibana-app
-     - name: Step 02 - Login to quay.io
-       run: |
-        docker login -u=${{ secrets.QUAYIO_USERNAME }} -p=${{ secrets.QUAYIO_TOKEN }} quay.io
-     - name: Step 03 - Build image
-       run: |
-        cd ${{ github.workspace }}/wazuh-kibana-app/test/cypress/images/ubuntu-cypress
-        docker build -t quay.io/wazuh/wazuh-ubuntu-cypress:${{ github.event.inputs.image-cypress-version }} \
-        --build-arg UBUNTU_CYPRESS_BRANCH=${{ github.event.inputs.ubuntu-cypress-branch }} .
-     - name: Step 04 - Push image to quay.io
-       run: |
-        docker push quay.io/wazuh/wazuh-ubuntu-cypress:${{ github.event.inputs.image-cypress-version }}
+      - name: Step 02 - Login to quay.io
+        run: |
+          docker login -u=${{ secrets.QUAYIO_USERNAME }} -p=${{ secrets.QUAYIO_TOKEN }} quay.io
+      - name: Step 03 - Build image
+        run: |
+          cd ${{ github.workspace }}/wazuh-kibana-app/test/cypress/images/ubuntu-cypress
+          docker build -t quay.io/wazuh/wazuh-ubuntu-cypress:${{ github.event.inputs.image-cypress-version }} \
+          --build-arg UBUNTU_CYPRESS_BRANCH=${{ github.event.inputs.ubuntu-cypress-branch }} .
+      - name: Step 04 - Push image to quay.io
+        run: |
+          docker push quay.io/wazuh/wazuh-ubuntu-cypress:${{ github.event.inputs.image-cypress-version }}

CHANGELOG.md

@@ -19,6 +19,12 @@ All notable changes to the Wazuh app project will be documented in this file.
 
 - Fixed the scripted fields disappear when the fields of the events index pattern was refreshed [#6237](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6237)
 
+## Wazuh v4.8.2 - OpenSearch Dashboards 2.10.0 - Revision 00
+
+### Added
+
+- Support for Wazuh 4.8.2
+
 ## Wazuh v4.8.1 - OpenSearch Dashboards 2.10.0 - Revision 00
 
 ### Added
@@ -30,17 +36,17 @@ All notable changes to the Wazuh app project will be documented in this file.
 ### Added
 
 - Support for Wazuh 4.8.0
-- Added the ability to check if there are available updates from the UI. [#6093](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6093)
+- Added the ability to check if there are available updates from the UI. [#6093](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6093) [#6256](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6256)
 - Added remember server address check [#5791](https://github.com/wazuh/wazuh-dashboard-plugins/pull/5791)
 - Added the ssl_agent_ca configuration to the SSL Settings form [#6083](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6083)
-- Added global vulnerabilities dashboards [#5896](https://github.com/wazuh/wazuh-dashboard-plugins/pull/5896) [#6179](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6179) [#6173](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6173) [#6147](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6147)
+- Added global vulnerabilities dashboards [#5896](https://github.com/wazuh/wazuh-dashboard-plugins/pull/5896) [#6179](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6179) [#6173](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6173) [#6147](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6147) [#6231](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6231) [#6246](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6246)
 - Added an agent selector to the IT Hygiene application [#5840](https://github.com/wazuh/wazuh-dashboard-plugins/pull/5840)
 - Added query results limit when the search exceed 10000 hits [#6106](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6106)
 - Added a redirection button to Endpoint Summary from IT Hygiene application [6176](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6176)
 
 ### Changed
 
-- Moved the plugin menu to platform applications into the side menu [#5840](https://github.com/wazuh/wazuh-dashboard-plugins/pull/5840) [#6226](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6226)
+- Moved the plugin menu to platform applications into the side menu [#5840](https://github.com/wazuh/wazuh-dashboard-plugins/pull/5840) [#6226](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6226) [#6244](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6244)
 - Changed dashboards. [#6035](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6035)
 - Change the display order of tabs in all modules. [#6067](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6067)
 - Upgraded the `axios` dependency to `1.6.1` [#5062](https://github.com/wazuh/wazuh-dashboard-plugins/pull/5062)
@@ -50,7 +56,7 @@ All notable changes to the Wazuh app project will be documented in this file.
 - Fixed a problem with the agent menu header when the side menu is docked [#5840](https://github.com/wazuh/wazuh-dashboard-plugins/pull/5840)
 - Fixed how the query filters apply on the Security Alerts table [#6102](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6102)
 - Fixed exception in IT-Hygiene when an agent doesn't have policies [#6177](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6177)
-- Fixed exception in Inventory when agents don't have S.O. information [#6177](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6177)
+- Fixed exception in Inventory when agents don't have OS information [#6177](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6177)
 - Fixed pinned agent state in URL [#6177](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6177)
 - Fixed invalid date format in about and agent views [#6234](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6234)
 
@@ -61,7 +67,7 @@ All notable changes to the Wazuh app project will be documented in this file.
 - Removed the application menu in the IT Hygiene application [#6176](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6176)
 - Removed the implicit filter of WQL language of the search bar UI [#6174](https://github.com/wazuh/wazuh-dashboard-plugins/pull/6174)
 
-## Wazuh v4.7.2 - OpenSearch Dashboards 2.8.0 - Revision 00
+## Wazuh v4.7.2 - OpenSearch Dashboards 2.8.0 - Revision 01
 
 ### Added
 

docker/kbn-dev/dev.yml

@@ -1,16 +1,16 @@
-version: "2.2"
+version: '2.2'
 
 x-logging: &logging
   logging:
     driver: loki
     options:
-      loki-url: "http://host.docker.internal:3100/loki/api/v1/push"
+      loki-url: 'http://host.docker.internal:3100/loki/api/v1/push'
 
 services:
   exporter:
     image: quay.io/prometheuscommunity/elasticsearch-exporter:latest
     <<: *logging
-    hostname: "exporter-kbn-${ES_VERSION}"
+    hostname: 'exporter-kbn-${ES_VERSION}'
     networks:
       - es-dev
       - mon
@@ -21,7 +21,7 @@ services:
 
   imposter:
     image: outofcoffee/imposter
-    hostname: "imposter-kbn-${ES_VERSION}"
+    hostname: 'imposter-kbn-${ES_VERSION}'
     networks:
       - es-dev
       - mon
@@ -32,15 +32,15 @@ services:
     volumes:
       - ../imposter:/opt/imposter/config
     ports:
-       - ${IMPOSTER_PORT}:8080
+      - ${IMPOSTER_PORT}:8080
 
   filebeat:
     depends_on:
       es01:
         condition: service_healthy
     image: elastic/filebeat:7.10.2
     hostname: filebeat
-    user: "0:0"
+    user: '0:0'
     networks:
       - es-dev
       - mon
@@ -54,7 +54,7 @@ services:
         echo admin | filebeat keystore add username --stdin --force
         echo ${ELASTIC_PASSWORD}| filebeat keystore add password --stdin --force
         curl -so /etc/filebeat/wazuh-template.json https://raw.githubusercontent.com/wazuh/wazuh/4.3/extensions/elasticsearch/7.x/wazuh-template.json
-        curl -s https://packages.wazuh.com/4.x/filebeat/wazuh-filebeat-0.3.tar.gz | tar -xvz -C /usr/share/filebeat/module
+        curl -s https://packages.wazuh.com/4.x/filebeat/wazuh-filebeat-0.4.tar.gz | tar -xvz -C /usr/share/filebeat/module
         # copy filebeat to preserve correct permissions without
         # affecting host filesystem
         cp /tmp/filebeat.yml /usr/share/filebeat/filebeat.yml
@@ -69,7 +69,7 @@ services:
 
   setup:
     hostname: setup
-    user: "0"
+    user: '0'
     image: docker.elastic.co/elasticsearch/elasticsearch:${ES_VERSION}
     volumes:
       - certs:/usr/share/elasticsearch/config/certs
@@ -120,7 +120,7 @@ services:
         echo "All done!";
       '
     healthcheck:
-      test: ["CMD-SHELL", "[ -f config/certs/es01/es01.crt ]"]
+      test: ['CMD-SHELL', '[ -f config/certs/es01/es01.crt ]']
       interval: 1s
       timeout: 5s
       retries: 120
@@ -140,7 +140,7 @@ services:
       - certs:/usr/share/elasticsearch/config/certs
       - esdata01:/usr/share/elasticsearch/data
     environment:
-      - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
+      - 'ES_JAVA_OPTS=-Xms512m -Xmx512m'
       - node.name=es01
       - discovery.type=single-node
       - discovery.seed_hosts=es01
@@ -166,7 +166,7 @@ services:
     healthcheck:
       test:
         [
-          "CMD-SHELL",
+          'CMD-SHELL',
           "curl -s --cacert config/certs/ca/ca.crt https://localhost:9200 | grep -q 'missing authentication credentials'",
         ]
       interval: 10s
@@ -186,7 +186,7 @@ services:
       - mon
     <<: *logging
     volumes:
-      - "${SRC}:/home/node/kbn/plugins/wazuh"
+      - '${SRC}:/home/node/kbn/plugins/wazuh'
       - certs:/home/node/kbn/config/certs
       - kibana_cache:/home/node/.cache
       - ./config/kibana/kibana.yml:/home/node/kbn/config/kibana.yml
@@ -198,7 +198,7 @@ services:
       # Kibana configuration is in the mounted config file, as the entrypoint
       # does not generate the config file from the envirtonment
       - LOGS=/proc/1/fd/1
-    entrypoint: ["tail", "-f", "/dev/null"]
+    entrypoint: ['tail', '-f', '/dev/null']
     healthcheck:
       test: sh /home/node/setup_permissions.sh es01
       interval: 5s

docker/osd-dev/dev.yml

@@ -205,7 +205,7 @@ services:
         echo admin | filebeat keystore add username --stdin --force
         echo ${PASSWORD}| filebeat keystore add password --stdin --force
         curl -so /etc/filebeat/wazuh-template.json https://raw.githubusercontent.com/wazuh/wazuh/4.3/extensions/elasticsearch/7.x/wazuh-template.json
-        curl -s https://packages.wazuh.com/4.x/filebeat/wazuh-filebeat-0.3.tar.gz | tar -xvz -C /usr/share/filebeat/module
+        curl -s https://packages.wazuh.com/4.x/filebeat/wazuh-filebeat-0.4.tar.gz | tar -xvz -C /usr/share/filebeat/module
         # copy filebeat to preserve correct permissions without
         # affecting host filesystem
         cp /tmp/filebeat.yml /usr/share/filebeat/filebeat.yml

docker/wazuh-4.2-es/pre.yml

@@ -1,16 +1,16 @@
-version: "2.2"
+version: '2.2'
 
 x-logging: &logging
   logging:
     driver: loki
     options:
-      loki-url: "http://host.docker.internal:3100/loki/api/v1/push"
+      loki-url: 'http://host.docker.internal:3100/loki/api/v1/push'
 
 services:
   exporter:
     image: quay.io/prometheuscommunity/elasticsearch-exporter:latest
     <<: *logging
-    hostname: "exporter-kbn-${ES_VERSION}"
+    hostname: 'exporter-kbn-${ES_VERSION}'
     networks:
       - es-pre
       - mon
@@ -21,7 +21,7 @@ services:
 
   imposter:
     image: outofcoffee/imposter
-    hostname: "imposter-kbn-${ES_VERSION}"
+    hostname: 'imposter-kbn-${ES_VERSION}'
     networks:
       - es-pre
       - mon
@@ -38,7 +38,7 @@ services:
         condition: service_healthy
     image: elastic/filebeat:7.10.2
     hostname: filebeat
-    user: "0:0"
+    user: '0:0'
     networks:
       - es-pre
     <<: *logging
@@ -51,7 +51,7 @@ services:
         echo admin | filebeat keystore add username --stdin --force
         echo ${ELASTIC_PASSWORD}| filebeat keystore add password --stdin --force
         curl -so /etc/filebeat/wazuh-template.json https://raw.githubusercontent.com/wazuh/wazuh/4.2/extensions/elasticsearch/7.x/wazuh-template.json
-        curl -s https://packages.wazuh.com/4.x/filebeat/wazuh-filebeat-0.3.tar.gz | tar -xvz -C /usr/share/filebeat/module
+        curl -s https://packages.wazuh.com/4.x/filebeat/wazuh-filebeat-0.4.tar.gz | tar -xvz -C /usr/share/filebeat/module
         # copy filebeat to preserve correct permissions without
         # affecting host filesystem
         cp /tmp/filebeat.yml /usr/share/filebeat/filebeat.yml
@@ -72,7 +72,7 @@ services:
       - certs:/usr/share/elasticsearch/config/certs
       - ./config/wazuh_indexer_ssl_certs/:/tmp/certs
       - ./config/setup_permissions.sh:/tmp/setup_permissions.sh
-    user: "0"
+    user: '0'
     command: >
       bash -c '
         if [ x${ELASTIC_PASSWORD} == x ]; then
@@ -134,7 +134,7 @@ services:
         echo "All done!";
       '
     healthcheck:
-      test: ["CMD-SHELL", "[ -f config/certs/es01/es01.crt ]"]
+      test: ['CMD-SHELL', '[ -f config/certs/es01/es01.crt ]']
       interval: 1s
       timeout: 5s
       retries: 120
@@ -152,7 +152,7 @@ services:
       - certs:/usr/share/elasticsearch/config/certs
       - esdata01:/usr/share/elasticsearch/data
     environment:
-      - "ES_JAVA_OPTS=-Xms512m -Xmx512m"
+      - 'ES_JAVA_OPTS=-Xms512m -Xmx512m'
       - node.name=es01
       - cluster.name=${CLUSTER_NAME}
       # - cluster.initial_master_nodes=es01,es02,es03
@@ -180,7 +180,7 @@ services:
     healthcheck:
       test:
         [
-          "CMD-SHELL",
+          'CMD-SHELL',
           "curl -s --cacert config/certs/ca/ca.crt https://localhost:9200 | grep -q 'missing authentication credentials'",
         ]
       interval: 10s
@@ -303,7 +303,7 @@ services:
     healthcheck:
       test:
         [
-          "CMD-SHELL",
+          'CMD-SHELL',
           "curl -s -I http://localhost:5601 | grep -q 'HTTP/1.1 302 Found'",
         ]
       interval: 10s
@@ -312,7 +312,7 @@ services:
 
 networks:
   es-pre:
-    name: "es-pre-${ES_VERSION}"
+    name: 'es-pre-${ES_VERSION}'
     driver: bridge
   mon:
     external: true